Re: [Samba] Samba Upgrade
If you could find a spare server box somewhere, it is always nice to have the luxury of building a test machine to trial a new system before finally pulling the plug on a reliable known-to-work system. AFAIK samba 3.0.4 is the latest stable version, most new distros now include it (eg Slackware 10 which was released a couple of weeks back). If you're going to upgrade, you may as well go for the latest stable version as a general rule. Michael Hall On Tue, 2004-07-20 at 15:14, Nik Trevallyn-Jones wrote: Hi Folks, I would really appreciate any words of wisdom people here could provide me. I have Samba 2.2.7a, as shipped with RH 9.0, running on a server, supporting about 25 W2k clients. The linux kernel is running in SMP mode to use the Hyper-Threaded Pentium-4 CPU. I have tried to create the simplest SAMBA setup possible, so have no LDAP, ACLS, etc. The 25 w2k clients are all architects running CAD software and working on a major building design, so I cannot afford down time, nor unexpected server behaviour. The 2.2.7a Samba has been the epitome of reliability and efficiency. However, I really need to enable recycle bins, to better recover accidentally deleted files. I have tried to enable the recycle VFO in 2.2.7a, but with no success, so I am considering upgrading to Samba 3.x. My current plan is to shut down the SAMBA services, backup the /etc/samba directory, uninstall samba 2.2.7, install SAMBA 3.x, copy my /etc/samba back in, and restart samba. Q: Is there any advice that people would offer me on this? Q: Is there a particular version of Samba that I should upgrade to in preference to others? Q: Is there a simple HOW-TO on the recycle-bin VFO for 2.2.7? Q: Are there any additional procedures I should employ in the upgrade? Thanks in advance for any and all advice. Cheers! Nik -- -- Ninti Systems: Smart IT Solutions Michael Hall Mobile: 0429 095 392 Ph/Fax: 08 8953 1442 Email: office at ninti dot com dot au Web:http://ninti.com.au -- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] logging in to PDC with Win98
Hiya I've got FreeBSD and Samba 2.2 running quite nicely on a server I ma using for web page development. This is on a 3 PC network at home using fixed IP addresses 192.168.0.x etc. However, last night I tried to make it into a PDC following the PDC Howto document. all seemed well till I tried to login to it -: The netbios name is 'micah' the server name was 'micah.ru.ac.za' which is the full domain of the network I installed it on here at work. I set my Win98SE machine to ;login to domain; and told it the domain name was 'micah' I got an instant dialog saying ;incorrect parameter; and it will not login I then tried '\\micah' but it also will not work. I then added '.ru.ac.za' to the domain name I then got a delay followed by a long message saying in essense 'I could not find a domain to authorize against, so some of the network won't work' and then the login proceeds, I do not get a home directory, but a preexisting drive mapping works fine, and no sign of the login script running at all (I created a simple batch file that just annouces itself, and I did make it executable) I then messed around with the server name, making is just 'micah', or 'micha.home'. no change in the above results. I checked, and rechecked, the lmhosts and hosts files on my Win98 box, all ok there, and of course the server is browsable after the failed login. The server is not running DNS or anything else remotely fancy. It just exists as a web server for developing new PHP code, and I use Samba to make it easy to edit the web files. So what is it that I am missing? (note I have NEVER logged into any kind of MS domain server, ever. We have Novell at the office) -- DA Fo rsythNetwork Supervisor Principal Technical Officer -- Institute for Water Research http://www.ru.ac.za/institutes/iwr/ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: String overflow in safe_strcpy .
Is there another way to make shares readable to 16 bit apps that use the 8.3 filename. because with out specifying mangling method = hash the file names are completly mangled and only the first letter remains the same. Where as mangling method = hash only mangles the last 3 letters. Carl. Carl Matthews wrote: Hi Jeremy, Sorry for not replying sooner, ive attached my config file. as a quick test, I created a folder called : Test Directory That Is Long under which i created a folder called This folder is long too and a file called This Folder is long.txt and this gives me the string errors. Thanks. Jeremy Allison wrote: On Wed, Jul 14, 2004 at 11:03:26PM +0100, Carl wrote: Just Installed 3.0.5rc1 and the problem persists unfortunately, Ok, can you give me the smb.conf file and the directory and filenames you're using. I'll see if I can reproduce with the latest SVN code. Thanks, Jeremy. # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] server string = Mandrake1 netbios aliases = FC1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No [NET-GMDB] comment = MLE-NET GoldMine DB path = /mnt/mle-net/MLE-NET/MLE-NET-GMDB write list = @MLE-ALL force user = mleall read only = No veto oplock files = /*.DBT/*.DBF/*.MDX/ blocking locks = No level2 oplocks = No dos filemode = No [NET-Public] comment = MLE-NET Public Share path = /home/local/samba-public write list = @MLE-ALL force user = mleall read only = No copy = NET-Eng -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
Dear lists... But this still un-solved the real problem to join w2k to samba3-ldap . I'm here with the same situation. I even switch my distro to SuSe with same result, still cant join domain. Please give us hint how to solve or debug this problem. regards reza -Original Message- From: Craig White [mailto:[EMAIL PROTECTED] Sent: Tue 7/20/2004 9:48 AM To: [EMAIL PROTECTED] Cc: Subject:Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED On Mon, 2004-07-19 at 19:34, Jos Ildefonso Camargo Tolosa wrote: http://samba.idealx.org/smbldap-howto.fr.html as you recommended. I have one big question, which one do I put in '/etc/ldap.conf' nss_base_passwd dc=wbcoll,dc=edu?one nss_base_shadow dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one or nss_base_passwdou=Users,dc=wbcoll,dc=edu?one nss_base_shadowou=Users,dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Neither, use this: nss_base_passwd dc=wbcoll,dc=edu?sub nss_base_shadow dc=wbcoll,dc=edu?sub nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Look at the sub, it tells the system to descend to all the sub-objects it may have. --- It is pertinent to consider that this suggestion waives any efficiency for ease of use as it will tell all user lookups to search the entire LDAP tree. I already told him to use his second choice as that is most efficient. I recognize that your option would permit the option of trying to use a separate organizational unit for Computers but this guy is endlessly confused, and simple is clearly better for his purposes, without considering the impact of excessive searching of the LDAP db. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] samba3 as NT4 BDC or domain member
i try to configure samba 3 as NT4 BDC or domain member with a whitebox linux i follow http://www.comp.hkbu.edu.hk/docs/s/samba30/htmldocs/howto/NT4Migration.html but get following error [EMAIL PROTECTED] root]# net rpc join -S serveur -w LSCOT -U Administrateur%xxx Joined domain LSCOT. [EMAIL PROTECTED] root]# net rpc vampire -S serveur -U Administrateur%xxx Fetching DOMAIN database Failed to fetch domain database: NT_STATUS_ACCESS_DENIED NT4 log returns refused access and just before, complains about missing trust relationship in the security database of the computer. as for now, i mainly want this server to serve file (BDC is bonus), i try to get it as domain member only but if joining domain works, user auth doesn't (passwd server is defined) local unix user and win domain user can't authentificate w or w/o group mapping defined. ideas ? thanks regards julien # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command testparm # to check that you have not many any basic syntactic errors. # ## ## links ## http://www.osnews.com/story.php?news_id=6684 ## tuning ## http://www.oreilly.com/catalog/samba/chapter/book/appb_02.html ## #=== Global Settings = [global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: REDHAT4 ; workgroup = Win_test workgroup = LSCOT # server string is the equivalent of the NT Description field server string = Samba Server netbios name = whitebox netbios aliases = fichiers # netbios aliases = ntinstall # This option is important for security. It allows you to restrict # connections to machines which are on your local network. The # following example restricts access to two C class networks and # the loopback interface. For more examples of the syntax see # the smb.conf man page ; hosts allow = 192.168.1. 192.168.2. 127. hosts deny = ALL hosts allow = 192.168.1. 127. ; hosts allow = 192.168. EXCEPT 192.168.3.99 # If you want to automatically load your printer list rather # than setting them up individually then you'll need this ; load printers = yes # you may wish to override the location of the printcap file ; printcap name = /etc/printcap # on SystemV system setting printcap name to lpstat should allow # you to automatically obtain a printer list from the SystemV spool # system ; printcap name = lpstat # It should not be necessary to specify the print system type unless # it is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = bsd ## ## printing ## print command = /usr/bin/lpr -r -P%p %s lpq command = /usr/bin/lpq -P%p %s lprm command = /usr/bin/lprm -P%p %j queuepause command = /usr/sbin/lpc -P%p stop queueresume command = /usr/sbin/lpc -P%p start ## max print jobs allowed (0 no limit) ;total print jobs = 10 #lpq cache = 30 # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user nobody is used ; guest account = pcguest # this tells Samba to use a separate log file for each machine # that connects ; %m NetBIOS name of the client machine ; log file = /var/log/smbd.%m ; %I IP log file = /var/log/smbd.%I # Default is 0 log level = 0 # Put a capping on the size of the log files (in Kb). max log size = 500 # Security mode. Most people will want user level security. See # security_level.txt for details. ;security = user ;security = member ??? security = domain # Use password server option only with security = server # The argument list may include: # password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] # or to auto-locate the domain controller/s # password server = * ; password server = NT-Server-Name ; password server = serveur_nt1 # Note: Do NOT use the now deprecated option of domain controller # This option is no longer implemented. # You may wish to use password encryption. Please read # ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. # Do not enable this option unless you have read those documents encrypt passwords = yes # Using the following line enables you to customise your configuration # on a per machine basis. The %m gets replaced with the netbios name # of the machine that is connecting ; include = /usr/local/samba/lib/smb.conf.%m # Most people will find that this option gives better performance. # See speed.txt and the manual pages for details # You
[Samba] LOGIC ERROR in smbd locks system...
Hello, i have a little problem here: Using Samba 2.2.2 with IBM ClearCase (2003) on a Sun Solaris 8 machine (2 cpus, 4G ram) (IBM does not support Samba 3.0 with Clearcase, maybe Samba 3.0 will fix the problem, but not able to test it yet). There are more than 100 smbd processes running in average. Load average of the maschine: under 1.0 in normal operation. But from time to time there are system locks, means: there are many smbd's running (over 50 and more) that produces an load average of over 50.0 ! These processes consume about 2% cpu time per smbd, resulting in: cpu state: 0% idle 10% user 90% kernel. Simply: the machine does not responded to any request log.smbd says: [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 16008 and it no longer exists! [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 23576 and it no longer exists! [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 4160 and it no longer exists! [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 22062 and it no longer exists! [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 9311 and it no longer exists! [2004/07/20 10:07:48, 0] locking/locking.c:delete_fn(252) locking : delete_fn. LOGIC ERROR ! Entry for pid 9311 and it no longer exists! Seems that smbd's are terminated and restarted again?! But what can cause this behaviour? Are there any timeouts in smbd that can cause this? Maybe the problem arise, if someone want to access a clearcase element over a clearcase view that is shared over samba to the windows world. If the element's size is huge and maybe compressed, clearcase can take a while to extract the element from the vob and give a response back to samba. But i can not understand, why nearly *all* smbd's are influenced? Many thanks for any help Thomas Maier -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] i need recycle bin configuration
Hi, there are a few things to do to get this working with samba-2.x.x: 1.) build the vfs-modules, they are not compiled by the default makefile in samba 2.x.x. To do this go in the samba-2.x.x/examples/VFS directory and do a ./configure; make 2.) copy the module recycle/recycle.so to a directory of your choice, i use (as an example) /etc/samba/VFS 3.) for each share you want the recycle-function to be enabled on, put the following lines in the share-section of your smb.conf: vfs object = /etc/samba/VFS/recycle.so vfs options= /etc/samba/VFS/recycle.conf don't forget to adjust the path to the place whre you put the files to. 4.) create the file recycle.conf. as an example, mine contains the lines: name = .recycle/%U mode = KEEP_DIRECTORIES|VERSIONS|TOUCH maxsize = 0 exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~??|*.log|*.trace excludedir = /tmp|/temp|/cache noversions = *.doc|*.ppt|*.dat|*.ini the available options for the module are documented in the file samba-2.x.x/examples/VFS/README. 5.) create the .recycle directory in the root of each share with full acces for all users who have acess to the share. if you miss this step the dir will get created with wrong permisions when the first user deletes a file, and all files deleted by other user will get lost. for the samba 3.x-branch the procedure has changed completly. The VFS modules have been integrated in the normal make/install process, so you don't have to compile them for your on, and the complete configuration now goes into smb.conf, no need to create a separate file for it. for example i use the folowing lines in my [homes] section: vfs object = recycle recycle:repository = .Papierkorb/%U recycle:keeptree = Yes recycle:touch = Yes recycle:versions = Yes recycle:maxsize = 0 recycle:exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.~?? recycle:excludedir = /tmp|/temp|/cache recycle:noversions = *.doc|*.xls|*.ppt and it works out of the box like a charm have much fun Christoph andry schrieb: any one can help me how to setting up recycle bin on samba or manual references webstie btw i'm using redhat 7.2 samba 2.2.7.. === Gabung INSTANIA, dapatkan XENIA. Daftar di www.telkomnetinstan.com, langsung dapat akses Internet Gratis.. Dan ..ikuti Instan Smile berhadiah Xenia,Tour S'pore, Komputer,dll, info hub : TELKOM Jatim 0-800-1-467826 === -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Question about permissions
Hi, First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem. Straight to the point: i have this domain in my company running in Samba 3.0.2 My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho. I have this shares with the users that can access them and the correponding Linux groups: [DAT]: hcoelho, jardim, fqueiros, gamito, faugusto = Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro = Linux group B [DGM]: hcoelho, jardim, smatias = Linux group C [SAD]: hcoelho, jardi, yesenia = Linux group D [NTL]: Everybody = Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe = Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...) Besides these shares, there are the homes also. Problems: If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A. I've already used force group in smb.conf, but then, my users can't access their homes. Following my signature is my smb.conf Any help would be appreciated. Warm Regards, Mário Gamito smb.conf: -- ## ## # smb.conf : criado por Mário Gamito # # Data: 21/06/04 # ## ## [global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo # scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u smb passwd file = /etc/samba/passwd logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto é uma mensagem automática: O servidor crashou. Contacte o Mário Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/ [homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700 [Profiles] comment = Windows profiles para os utilizadores que carregam as suas preferências a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No [arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @a [DID] comment = pasta da DID path = /home/DID writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @b [DGM] comment = pasta da DGM path = /home/DGM writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @c [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [backups] comment = pasta de backups path = /home/backups writeable = Yes browseable = Yes create mask = 666 directory mask = 770 #force group = @g [biblioteca] comment = pasta da biblioteca path = /home/biblioteca writeable = Yes browseable = Yes create mask = 666 directory mask = 777 #force group = @f [desenvolvimento] comment = pasta do devel team path = /home/desenvolvimento writeable = Yes browseable = Yes create mask
[Samba] Samba make errors
I am trying to install Samba version 3.0.4 to work with SSL on an IBM server 7029 running AIX version 5.1 maint level4. The C compiler installed on the server is vac.C version 6.0.0.0 The steps i have taken so far are from the source directory i have run ./configure--with-ssl which completed without errors. I have then run the make command from the source directory but this comes back with the following warnings and then stops at the nsswitch config. I have searched for these warning messages but can not find any relevant information so please could someone tell me what these warnings actually mean and if there is anything i need to change to fix these. Please find below warnings extracted from make smbd/chgpasswd.c, line 551.35: 1506-280 (W) Function argument assignment between types struct passwd* and const struct passwd* is not allowed. rpc_server/srv_spoolss_nt.c, line 4288.51: 1506-280 (W) Function argument assignment between types struct uuid* and struct uuid_flat* is not allowed. printing/pcap.c, line 276.17: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. printing/pcap.c, line 277.25: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. printing/pcap.c, line 277.29: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. lib/util_str.c, line 1324.24: 1506-068 (W) Operation between types unsigned char* and const unsigned char* is not allowed. tdb/tdbutil.c, line 46.18: 1506-068 (W) Operation between types unsigned char* and const unsigned char* is not allowed. lib/popt_common.c, line 118.39: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 129.55: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 138.39: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 386.55: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. Compiling nsswitch/winbindd.c 569 1500-010: (W) WARNING in process_loop: Infinite loop. Program may not stop. nsswitch/winbindd_group.c, line 1042.49: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1087.54: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1100.66: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1120.54: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1127.32: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. Compiling nsswitch/winbindd_dual.c 171 1500-010: (W) WARNING in do_dual_daemon: Infinite loop. Program may not stop. Compiling client/client.c client/client.c, line 699.34: 1506-280 (W) Function argument assignment between types unsigned long long* and unsigned long* is not allowed. client/client.c, line 1075.60: 1506-280 (W) Function argument assignment between types unsigned long long* and unsigned long* is not allowed. utils/net_idmap.c, line 123.27: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 123.43: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 124.27: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 124.44: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/smbcontrol.c, line 431.63: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. rpcclient/cmd_spoolss.c, line 452.41: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. rpcclient/cmd_spoolss.c, line 456.61: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. rpcclient/cmd_spoolss.c, line 1185.22: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. rpcclient/cmd_reg.c, line 910.36: 1506-280 (W) Function argument assignment between types unsigned char* const* and const unsigned char** is not
Re: [Samba] Question about permissions
Hi, your first attempt with using force group is correct, but your syntax is not. for force group you have to omit the '@' sign. it only takes the name of the group. for example : force group = f at least thats the way it works for me ;-) Christoph Mario Gamito schrieb: Hi, First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem. Straight to the point: i have this domain in my company running in Samba 3.0.2 My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho. I have this shares with the users that can access them and the correponding Linux groups: [DAT]: hcoelho, jardim, fqueiros, gamito, faugusto = Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro = Linux group B [DGM]: hcoelho, jardim, smatias = Linux group C [SAD]: hcoelho, jardi, yesenia = Linux group D [NTL]: Everybody = Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe = Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...) Besides these shares, there are the homes also. Problems: If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A. I've already used force group in smb.conf, but then, my users can't access their homes. Following my signature is my smb.conf Any help would be appreciated. Warm Regards, Mário Gamito smb.conf: -- ## ## # smb.conf : criado por Mário Gamito # # Data: 21/06/04 # ## ## [global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo # scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u smb passwd file = /etc/samba/passwd logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto é uma mensagem automática: O servidor crashou. Contacte o Mário Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/ [homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700 [Profiles] comment = Windows profiles para os utilizadores que carregam as suas preferências a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No [arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @a [DID] comment = pasta da DID path = /home/DID writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @b [DGM] comment = pasta da DGM path = /home/DGM writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @c [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [backups] comment = pasta de backups path = /home/backups writeable = Yes browseable = Yes create mask = 666 directory mask = 770 #force group = @g [biblioteca] comment = pasta da
[Samba] Using user policies with samba3 and windows 2000
Hello! We are using samba3-3.0.2a-30 as a PDC. Everything is working fine, but now we would like to use user policies. As I learned that can be done by the ntuser.pol file in the 'profiles' user sub directory on the PDC. So her is what i already tried: 1.) Set up a test Window$ 2000 Client and get it into the Domain 2.) Log in as Administrator 3.) Start gpedit.msc (and change something) 4.) Test if that change works 5.) Log out 6.) Make the ntuser.dat to a ntuser.man 7.) Log in as Administrator 8.) restore the original gpedit.msc parameter 9.) log out and in again So i found out that this does not work, as the changes via gpedit.msc are only stored local. Can anybody help me ? Bjoern -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Question about permissions
Hi Christoph, Thank you for your answer. ok, i did that. i suppose that now, assignin the user's primary group as their own, they also can access their homes, right ? Warm Regards, Mário Gamito On Tue, 2004-07-20 at 10:43, Christoph Scheeder wrote: Hi, your first attempt with using force group is correct, but your syntax is not. for force group you have to omit the '@' sign. it only takes the name of the group. for example : force group = f at least thats the way it works for me ;-) Christoph Mario Gamito schrieb: Hi, First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem. Straight to the point: i have this domain in my company running in Samba 3.0.2 My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho. I have this shares with the users that can access them and the correponding Linux groups: [DAT]: hcoelho, jardim, fqueiros, gamito, faugusto = Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro = Linux group B [DGM]: hcoelho, jardim, smatias = Linux group C [SAD]: hcoelho, jardi, yesenia = Linux group D [NTL]: Everybody = Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe = Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...) Besides these shares, there are the homes also. Problems: If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A. I've already used force group in smb.conf, but then, my users can't access their homes. Following my signature is my smb.conf Any help would be appreciated. Warm Regards, Mário Gamito smb.conf: -- ## ## # smb.conf : criado por Mário Gamito # # Data: 21/06/04 # ## ## [global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo # scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u smb passwd file = /etc/samba/passwd logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto é uma mensagem automática: O servidor crashou. Contacte o Mário Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/ [homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700 [Profiles] comment = Windows profiles para os utilizadores que carregam as suas preferências a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No [arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660
Re: [Samba] Question about permissions
Hi, you shouldn't need to force a group in the homes share, and using fore group in another share shouldn't affect the homes share at all. I guess the effect of locking out your users from their homes in your first attempt with force group resulted from samba missbehaving with the @ sign in your groupnames. Christoph Mario Gamito schrieb: Hi Christoph, Thank you for your answer. ok, i did that. i suppose that now, assignin the user's primary group as their own, they also can access their homes, right ? Warm Regards, Mário Gamito On Tue, 2004-07-20 at 10:43, Christoph Scheeder wrote: Hi, your first attempt with using force group is correct, but your syntax is not. for force group you have to omit the '@' sign. it only takes the name of the group. for example : force group = f at least thats the way it works for me ;-) Christoph Mario Gamito schrieb: Hi, First of all, my apologies for the extension of this message, but it is needeed for you to undertand my problem. Straight to the point: i have this domain in my company running in Samba 3.0.2 My users are: hcoelho, jardim, gamito, yesenia, smatias, fqueiros, faugusto, vamaro, peixinho, aragao, dina, pinho. I have this shares with the users that can access them and the correponding Linux groups: [DAT]: hcoelho, jardim, fqueiros, gamito, faugusto = Linux group A [DID]: hcoelho, jardim, gamito, faugusto, peixinho, aragao, vamaro = Linux group B [DGM]: hcoelho, jardim, smatias = Linux group C [SAD]: hcoelho, jardi, yesenia = Linux group D [NTL]: Everybody = Linux group E [arquivo]: everybody [backups]: jardim, gamito, filipe = Linux group G [biblioteca]: everybody [desenvolvimento]: jardim, gamito, faugusto user's groups: coelho : d hcoelho a b c e f g jardim : d jardim a b c e f g h gamito : gamito a b e f g h (etc...) Besides these shares, there are the homes also. Problems: If hcoelho, for instance, copies a file to share [SAD], yesenia can't open it (and it should, as above), because it is copied with group A. I've already used force group in smb.conf, but then, my users can't access their homes. Following my signature is my smb.conf Any help would be appreciated. Warm Regards, Mário Gamito smb.conf: -- ## ## # smb.conf : criado por Mário Gamito # # Data: 21/06/04 # ## ## [global] workgroup = NETUAL netbios name = bateira server string = Beatrix Kiddo # scripts para alterar o /etc/passwd quando o utilizador muda a password no Windows passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* #username map = /etc/samba/smbusers unix password sync = Yes log level = 2 log file = /etc/samba/individual/%m.log name resolve order = wins lmhosts host time server = Yes socket options = TCP_NODELAY IPTOS_LOWDELAY SO_SNDBUF=8192 SO_RCVBUF=8192 load printers = No #oplocks = No add user script = /usr/sbin/useradd -n -g domainusers -G domainguests -d /dev/null -s /bin/false -M %u delete user script = /usr/sbin/userdel %u add group script = /usr/sbin/groupadd -r %g delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g delete user from group script = /usr/bin/gpasswd -d %u %g set primary group script = /usr/sbin/usermod -g '%g' '%u' add machine script = /usr/sbin/adduser -n -g domainmachines -c Machine -d /dev/null -s /bin/false %u smb passwd file = /etc/samba/passwd logon script = netualinit.bat logon path = \\%L\profiles\%U logon home = \\%L\%U logon drive = H: domain logons = Yes os level = 64 preferred master = Yes domain master = Yes dns proxy = No wins support = Yes message command = echo obrigado | smbclient -M %f panic action = echo Isto é uma mensagem automática: O servidor crashou. Contacte o Mário Gamito | smbclient -M shuttle host msdfs = Yes admin users = domainroot hosts allow = 10.10.1., 10.10.2. hosts deny = ALL hide files = /.bash_profile/.bash_logout/.bashrc/.gtkrc/.kde/.zshrc/ [homes] comment = Home Directories read only = No browseable = No create mask = 0600 directory mask = 0700 [Profiles] comment = Windows profiles para os utilizadores que carregam as suas preferências a partir do servidor. path = /etc/samba/profiles browseable = No read only = No create mask = 0600 directory mask = 0700 [netlogon] comment = Network Logon Service path = /etc/samba/netlogon browseable = No writeable = No browseable = No [arquivo] comment = pasta de arquivo path = /home/arquivo/ writeable = Yes browseable = Yes create mask = 660 directory mask = 777 #force group = @f [SAD] comment = pasta da SAD path = /home/SAD writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group = @d [DAT] comment = pasta da DAT path = /home/DAT writeable = Yes browseable = Yes create mask = 660 directory mask = 770 #force group
[Samba] Winbind under 3.0beta2
Hello, I have a problem with installation of winbindd and samba. I saw on a mailing-list you had the same problem a few month ago. Did you find the solution ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind under 3.0beta2
Hi, first: 3.0beta2 is verry outdated. please go and get the latest stable version from samba.org. second: after completing step 1, if your problem persists could you be more detailed what your problem is? we can't read your mind... ;-) third: have you read all the doc's available with samba? Christoph Cedric schrieb: Hello, I have a problem with installation of winbindd and samba. I saw on a mailing-list you had the same problem a few month ago. Did you find the solution ? -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Problems Samba with LDAP
Hi all, I'm trying to use Samba with ldap, and when i user try to logon in my domain, i got this message in my log: string_to_sid: Sid S-1-5-21-1555867097-2400918380-3197679675-3040-2027 does not start with 'S-' how can i solve this? Thanks, -- = Sp0oKeR Labs [EMAIL PROTECTED] http://www.spooker.com.br = -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Winbind on AIX
Deal all, I'd like to use winbind capabilities on AIX servers (AIX 4.3.3 and AIX 5.2). In particular, I'd like to define share access based on NT group. I think I've successfully setup my Samba suite, I've entered my AIX box in my NT domain and playing with wbinfo (-t, or -a user%passwd) works fine. As told in the documentation, I've copied the WINBIND module under /usr/lib/security, and modify the methods.cfg file like that: WINBIND: program = /usr/lib/security/WINBIND and... it doesn't work. Does some of you have some experience with the AIX plateform? Thanks a lot -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
Michael Lueck wrote: On Mon, 19 Jul 2004 21:31:03 -0500, Paul Gienger wrote: Rather than monkey with each client, just don't define a [profiles] share. I'll check one of our setups tomorrow, we have a site with no roaming there (for now). I did not have a roaming share defined and Win2K put up a fuss that it was missing and assigned a temp one which was erased at each logoff. Not quite the affect of having a local profile. Actually, on that server we also have a blank logon path specified which is populated on the other servers. This is on 2.2.8, so YMMV, but I would guess it works on 3.0.x. With electronic software distribution managing each client, there is no issue sending out such small registry updates globally... think outside the box and what now seems a challenge becomes very easy. I'm guessing you either use a program that you set up once on each workstation which may or may not be a pay-ware solution. Some places simply don't have the budget to buy such things. Also remember, every change you make to a client is one more thing to screw up, although in this case it sounds as if you're doing it automatically. I guess I personally subscribe to the theory of making the smallest change possible, that is if I can make a simple change to the server that avoids me having to change every client's configuration then at the server it will happen. Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: PDC without profiles?
Paul Gienger wrote: Actually, on that server we also have a blank logon path specified which is populated on the other servers. This is on 2.2.8, so YMMV, but I would guess it works on 3.0.x. That might be it as I did not have that set blank until long after my join the domain package had the registry update in it. Also remember, every change you make to a client is one more thing to screw up If you're going to compute that way, then put the computer back in the box and leave it on the client's desk and tell them to never open the box! ;-) although in this case it sounds as if you're doing it automatically. Ja, of course! Das is good! I would want to run around to thousands of computers and try to configure them all the same way by hand why...??? I could easilly forget steps on this machine or that one, slight configuration details to drive me insain when one computer out of the bunch does not work properly. Automatically with LOGGING as the truth is in the logs... many automated systems skimp on logs... shame shame shame on them. -- Michael Lueck Electronic Software Distribution Engineer Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
Michael Lueck wrote: Also remember, every change you make to a client is one more thing to screw up If you're going to compute that way, then put the computer back in the box and leave it on the client's desk and tell them to never open the box! ;-) When doing sysadmin isn't your only job, and/or there are systems that get sent to remote locations, you'll change your tune... (without the software you obviously have, that I should probably remind that some places just cannot afford) Nothing is worse than either : A. being 2 hours deep into a thought process programming and then having some user come bug you because barely used/often neglected feature X doesn't work for them because of some obscure configuration issue. B. Sending a machine offsite where you don't have access to it and finding some tweak you do for everyone in the office but forgot to do to their machine, couple that with a user that cannot deal with a little phone walkthrough and you have a fun day ahead of you. That, in a nutshell, is why *I* advocate to change the server whenever possible. You got to buy some fantastic software, and I have to fight to buy a new mouse... I would guess many smallish businesses have the same situation. although in this case it sounds as if you're doing it automatically. Ja, of course! Das is good! I would want to run around to thousands of computers and try to configure them all the same way by hand why...??? I could easilly forget steps on this machine or that one, slight configuration details to drive me insain when one computer out of the bunch does not work properly. Automatically with LOGGING as the truth is in the logs... many automated systems skimp on logs... shame shame shame on them. So do us a favor and let us in on what you're using in case anyone else wants to know... -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] chmod and unix extensions
Dear all, Im trying to set up Samba so that linux users can use the new unix extensions to be able to chmod their files as they wish. However I seem to be having problems with masks. Whether using smbfs or smbclient trying to do: chmod 777 testfile results only in read permissions for group and other (ie it ends up 744). Under smbfs it complains: chmod: changing permissions of `testfile' (requested: 0777, actual: 0744): Operation not permitted The only way I can it to work is to set create mask = 0777 in the server's smb.conf. Now, this is confusing me as the file isnt being created, I'm just trying to chmod an existing file. I dont want to leave the setting as this because of course all new files get created with world read-write which is not what I want. Looking at the unix_perms_from_wire() function, it would seem it is indeed applying the create mask. As an aside, changing permissions from a W2K ACL dialogue seems to work fine. Any ideas anyone? Samba version: 3.0.4 Some relevant settings from smb.conf: # testparm -v | egrep '(force|security|mask|unix extensions)' Load smb config files from /usr/local/samba/samba-3.0.4/lib/smb.conf Processing section [homes] Loaded services file OK. Server role: ROLE_STANDALONE Press enter to see a dump of your service definitions security = USER unix extensions = Yes paranoid server security = Yes force user = force group = create mask = 0744 force create mode = 00 security mask = 0777 force security mode = 00 directory mask = 0755 force directory mode = 00 directory security mask = 0777 force directory security mode = 00 debug log file gives: [2004/07/20 13:10:44, 10, pid=24949, effective(6923, 18), real(0, 0)] smbd/trans2.c:call_trans2setfilepathinfo(3392) call_trans2setfilepathinfo: SMB_SET_FILE_UNIX_BASIC: name = testfile size = 39, uid = 4294967295, gid = 4294967295, raw perms = 0100777 [2004/07/20 13:10:44, 10, pid=24949, effective(6923, 18), real(0, 0)] smbd/trans2.c:call_trans2setfilepathinfo(3454) call_trans2setfilepathinfo: SMB_SET_FILE_UNIX_BASIC setting mode 0744 for file testfile -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
Paul Gienger wrote: So do us a favor and let us in on what you're using in case anyone else wants to know... FWIW, we took on a temp (someone we know who was 'between jobs') to do a rollout of XP. He introduced us to Symantec Ghost which seems quite a useful tool. I don't think it cost us much, but it's certainly been worth whatever we paid for it. Another (free) tool we don't regret deploying is VNC. Apart from it's utility value, watching a department stood round a screen while some invisible man works the system sure breaks the monotony ! The best bit was the way they stood behind the users chair, just like they would if there was a real IT guy sat in person at the computer. Simon -- Simon Hobson MA MIEE, Technology Specialist Colony Gift Corporation Limited Lindal in Furness, Ulverston, Cumbria, LA12 0LD Tel 01229 461100, Fax 01229 461101 Registered in England No. 1499611 Regd. Office : 100 New Bridge Street, London, EC4V 6JA. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
On Tue, 20 Jul 2004 07:51:34 -0500, Paul Gienger wrote: So do us a favor and let us in on what you're using in case anyone else wants to know... In many areas I develop my own for use within LDS consulting. Vendor tools I care to suggest would be Prism Pack from New Boundary Technologies on the low end and Novadigm (now HP) Radia on the high end... but either way there is a lot of engineering / code development involved in turning their shell into a proper implementation. Vendors do not for the most part understand how Electronic Software Distribution (managed fat client) should be done, and thus the need for custom code. So sorry to hear you end up with off-site machines with no remote access. Unacceptable in my book. VPN back door, SSH, NetOp, and electronic software distribution of course. Michael Lueck Electronic Software Distribution Engineer Lueck Data Systems -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
So sorry to hear you end up with off-site machines with no remote access. Unacceptable in my book. VPN back door, SSH, NetOp, and electronic software distribution of course. Actually, this usually happens only for a couple weeks to months before the office gets in the VPN. In this case, I've got the hardware but not the time to implement it... sigh -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] pam_smbmount
Has anybody managed to get this working under linux and if not does anybody mount windows shares under linux without user intervention? Thanks in advance -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba as a portable userland FS basis?
Recently, I looked at some options implementing unusual file systems in userland. On Linux, there is LUFS and similar stuff which frees one from touching any kernel code. The design is always similar: a generic kernel module forwards calls to a user level daemon and forwards returned results back. The user level daemon implements or serves as a basis for unusual user land filesystem implmentation. However, LUFS is not available on Windows and I'm not aware of somehting similar .. So I've looked after an alternative for LUFS portable across at least over Windows and Linux and probably POSIX, *BSD and MacOSX. I did not found anything .. my conclusion was, that one has to go e.g. and use the MS Installable File Systems Development Kit and build a kernel mode driver which forwards calls to a user mode daemon (pretty much the LUFS design). I'm unwilling to take that level of pain. Next idea was to use the Samba _server_ code as a basis to built the unusual FS on top and just run the Samba server colocated/locally on the desktop machine. Great reuse. Here are the two main questions: 1. Is it possible to build/run the Samba _server_ on Windows (e.g. using Cygwin)? 2. Is there a reasonable internal API within the Samba server which could be used to stack unusual FS stuff on top? Generally, IMHO it would be great to have an open standard C API to some portable user land daemon to implement portable user land file systems. Cheers, Tobias -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] attaching printer w/user level sec; XP okay, 2k won't work
So I've spent a couple of hours on this and I think I've found the problem. I have cups and samba running on the print/file server. I have a 2k and and XP system as clients. All are in the same workgroup. I started with share-level security, and everything worked okay. Then I decided to tighten it down a bit, and moved to user-level security. XP could connect to both the printers and file shares just fine.* The 2k machine can connect to the file shares, but not the printer. Instead of prompting me for a user/password, it just says Access denied. Also, browsing seems broken. The print/file server just isn't showing up in the network neighborhood. Could be a seperate issue. [*] Actually, if I connect to the printer and bring up the printers menu on XP, it has an error in the Status field (I think Access denied), but it can print just fine regardless. Any ideas? Also, do the users in smbpasswd file have to have Unix accounts? I'd like a user just for connecting to printers, who won't own any files. Thanks in advance. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba 3.0.4 make file error
I am trying to install Samba version 3.0.4 to work with SSL on an IBM server 7029 running AIX version 5.1 maint level4. The C compiler installed on the server is vac.C version 6.0.0.0 The steps i have taken so far are from the source directory i have run ./configure--with-ssl which completed without errors. I have then run the make command from the source directory but this comes back with the following warnings and then stops at the nsswitch config. I have searched for these warning messages but can not find any relevant information so please could someone tell me what these warnings actually mean and if there is anything i need to change to fix these. Please find below warnings extracted from make smbd/chgpasswd.c, line 551.35: 1506-280 (W) Function argument assignment between types struct passwd* and const struct passwd* is not allowed. rpc_server/srv_spoolss_nt.c, line 4288.51: 1506-280 (W) Function argument assignment between types struct uuid* and struct uuid_flat* is not allowed. printing/pcap.c, line 276.17: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. printing/pcap.c, line 277.25: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. printing/pcap.c, line 277.29: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. lib/util_str.c, line 1324.24: 1506-068 (W) Operation between types unsigned char* and const unsigned char* is not allowed. tdb/tdbutil.c, line 46.18: 1506-068 (W) Operation between types unsigned char* and const unsigned char* is not allowed. lib/popt_common.c, line 118.39: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 129.55: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 138.39: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. lib/popt_common.c, line 386.55: 1506-196 (W) Initialization between types void* and void(*)(struct poptContext_s*,enum poptCallbackReason,const struct poptOption*,const unsigned char*,const void*) is not allowed. Compiling nsswitch/winbindd.c 569 1500-010: (W) WARNING in process_loop: Infinite loop. Program may not stop. nsswitch/winbindd_group.c, line 1042.49: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1087.54: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1100.66: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1120.54: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. nsswitch/winbindd_group.c, line 1127.32: 1506-280 (W) Function argument assignment between types int* and unsigned int* is not allowed. Compiling nsswitch/winbindd_dual.c 171 1500-010: (W) WARNING in do_dual_daemon: Infinite loop. Program may not stop. Compiling client/client.c client/client.c, line 699.34: 1506-280 (W) Function argument assignment between types unsigned long long* and unsigned long* is not allowed. client/client.c, line 1075.60: 1506-280 (W) Function argument assignment between types unsigned long long* and unsigned long* is not allowed. utils/net_idmap.c, line 123.27: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 123.43: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 124.27: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/net_idmap.c, line 124.44: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. utils/smbcontrol.c, line 431.63: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. rpcclient/cmd_spoolss.c, line 452.41: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. rpcclient/cmd_spoolss.c, line 456.61: 1506-280 (W) Function argument assignment between types unsigned int* and int* is not allowed. rpcclient/cmd_spoolss.c, line 1185.22: 1506-280 (W) Function argument assignment between types unsigned char* and const unsigned char* is not allowed. rpcclient/cmd_reg.c, line 910.36: 1506-280 (W) Function argument assignment between types unsigned char* const* and const unsigned char** is not
Re: [Samba] Build Errors, torture tests 3.0.x/HP-UX 11i
P _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Wed, 23 Jun 2004, Jeremy Allison wrote: On Wed, Jun 23, 2004 at 03:12:47PM -0400, Ryan Novosielski wrote: Anyone here have a solution to this one? It would really help with my testing. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 On Mon, 24 May 2004, Ryan Novosielski wrote: I get the following errors when building the torture suite under HP-UX 11i with HP AnsiC. They are actually somewhat similar to the errors that I get trying to build the whole package with gcc: Compiling torture/torture.c In file included from include/includes.h:109, from torture/torture.c:23: /usr/include/sys/socket.h:484: error: parse error before sendfile /usr/include/sys/socket.h:484: error: parse error before bsize_t /usr/include/sys/socket.h:486: error: parse error before sendpath /usr/include/sys/socket.h:486: error: parse error before bsize_t /usr/include/sys/socket.h:493: error: parse error before sendfile64 /usr/include/sys/socket.h:493: error: parse error before bsize64_t /usr/include/sys/socket.h:495: error: parse error before sendpath64 /usr/include/sys/socket.h:495: error: parse error before bsize64_t In file included from /usr/include/sys/mp.h:55, from /usr/include/sys/malloc.h:59, from /usr/include/net/netmp.h:53, from /usr/include/net/if.h:59, from include/includes.h:275, from torture/torture.c:23: /usr/include/machine/sys/setjmp.h:45: error: redefinition of `struct label_t' In file included from torture/torture.c:23: include/includes.h:495: error: conflicting types for `socklen_t' /usr/include/sys/socket.h:199: error: previous declaration of `socklen_t' Looks like the configure script isn't finding the HPUX definition of socklen_t in the /usr/include/sys/socket.h include file. Look at the configure output to discover why. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] PDC without profiles?
Mark -- XP Pro and XP Pro SP1 mixed. Thanks! -jag On Mon, 2004-07-19 at 17:49, Mark Sarria wrote: What version of Windows are you running? Mark Sarria www.msdigitaldzines.com serving up Linux everyday, non-stop - Original Message - From: Joshua Ginsberg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, July 19, 2004 3:56 PM Subject: [Samba] PDC without profiles? Hi -- I'd like to try running Samba as a PDC simply for authentication -- that is without doing any profile management, i.e. I'd like Windows to not write anything to the network after logout. Is this possible with Samba? I'm not seeing an obvious answer to this. Thanks! -jag -- Joshua Ginsberg [EMAIL PROTECTED] Brainstorm Internet Network Operations -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- Joshua Adam Ginsberg [EMAIL PROTECTED] Network Operations -- Brainstorm Internet -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: PDC without profiles?
Wow! The blank logon path worked! Thanks so much!! -jag On Tue, 2004-07-20 at 06:31, Paul Gienger wrote: Michael Lueck wrote: On Mon, 19 Jul 2004 21:31:03 -0500, Paul Gienger wrote: Rather than monkey with each client, just don't define a [profiles] share. I'll check one of our setups tomorrow, we have a site with no roaming there (for now). I did not have a roaming share defined and Win2K put up a fuss that it was missing and assigned a temp one which was erased at each logoff. Not quite the affect of having a local profile. Actually, on that server we also have a blank logon path specified which is populated on the other servers. This is on 2.2.8, so YMMV, but I would guess it works on 3.0.x. With electronic software distribution managing each client, there is no issue sending out such small registry updates globally... think outside the box and what now seems a challenge becomes very easy. I'm guessing you either use a program that you set up once on each workstation which may or may not be a pay-ware solution. Some places simply don't have the budget to buy such things. Also remember, every change you make to a client is one more thing to screw up, although in this case it sounds as if you're doing it automatically. I guess I personally subscribe to the theory of making the smallest change possible, that is if I can make a simple change to the server that avoids me having to change every client's configuration then at the server it will happen. Michael Lueck Lueck Data Systems http://www.lueckdatasystems.com/ -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- Joshua Ginsberg [EMAIL PROTECTED] Brainstorm Internet Network Operations -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind problem
Okay. I got it. I am posting it for posterity.
Yes, it was something stupid, as I suspected. I am stunned no one has run
into this yet.
Since we are dealing with ADS, I thought it would be safe to refer to things
in ads nomanclature. Aparently not the case with the password server. The
error output was likewise misleading:
[2004/07/15 11:55:43, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain NEWDOMAIN failed: No such file or directory
I was looking all around both machines' filesystems, LDAP and ADS for a file
or directory that was missing. Turns out that had nothing to do with it.
The problem was this line in my smb.conf:
password server = stan.newdomain.int
It should have been
password server = STAN
i.e. in netbios nomanclature -- not ADS(DNS) nomanclature.
I am amazed that no one caught that, but there it is! So much grief for such
a stupid gaff.
I thank those who took the time to read my post, and hope that this will help
someone in the future.
Chris
On Friday 16 July 2004 07:51 am, Chris wrote:
Posted: Thu Jul 15, 2004 11:34 amPost subject: Samba/winbind and ADS
problem
I almost have this.
I have read the docs, I have read this, I have purchased both books from
the samba team, and I cannot find any help from any of these.
We are trying to migrate from OLDDOMAIN (an NT4 Domain) to NEWDOMAIN (our
Win2k3 Domain). I have a two way trust right now between the domains. I
have everything configured as per the docs as far as smb.conf, krb5.conf
and nsswitch. I do:
Code:
# wbinfo -t
checking the trust secret via RPC calls succeeded
so everything looks good there, but the weird thing is when I do this:
Code:
# wbinfo -g
or
# wbinfo -u
I get a list of all the users and groups from OLDDOMAIN, and none of the
groups from NEWDOMAIN! Same thing is true when I use getent. Which makes
about zero sense to me... I had absolutely no error output when joining the
ADS Domain (NEWDOMAIN), from wbinfo, kinit, sbmclient or smbmount.
So, I went to the log file:
Quote:
[2004/07/15 11:55:39, 1] nsswitch/winbindd.c:main(843)
winbindd version 3.0.4 started.
Copyright The Samba Team 2000-2004
[2004/07/15 11:55:39, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain NEWDOMAIN NEWDOMAIN.INT S-0-0
[2004/07/15 11:55:43, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain NEWDOMAIN failed: No such file or directory
[2004/07/15 11:55:44, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain OLDDOMAIN S-1-5-21-1898674339-994652211-837300805
[2004/07/15 11:55:44, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain BUILTIN S-1-5-32
[2004/07/15 11:55:44, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain CASPER S-1-5-21-789378082-241503064-2986860805
[2004/07/15 12:04:59, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain NEWDOMAIN failed: No such file or directory
I have been trying this since samba 3.0.0, and I still have problems. I am
now using 3.0.4.
my smb.conf:
Code:
# Global parameters
[global]
netbios name = JOE
socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
dns proxy = no
realm = NEWDOMAIN.INT
workgroup = NEWDOMAIN
netbios aliases = JOE
server string = JOE server
security = ADS
wins proxy = no
map to guest = Bad User
password server = stan.newdomain.int
name resolve order = lmhosts wins bcast
time server = Yes
os level = 0
preferred master = No
local master = No
domain master = No
wins server = 208.226.104.3
hosts allow = 127.0.0.1, 208.226.104.
oplocks = No
follow symlinks = No
printing = cups
printcap name = cups
load printers = yes
idmap uid = 1-2
winbind enum users = yes
winbind gid = 1-2
winbind enum groups = yes
winbind separator = +
os level = 20
[images]
valid users = chrisd,kristynp,administrator
public = no
path = /images
writable = yes
write list = kristynp,chrisd,administrator
admin users = kristynp,chrisd,administrator
force user = root
my krb5.conf:
Code:
[libdefaults]
default_realm = NEWDOMAIN.INT
[realms]
NEWDOMAIN.INT = {
kdc = stan.naic.int
}
[domain_realms]
.newdomain.int = NEWDOMAIN.INT
my nsswitch.conf:
Code:
# /etc/nsswitch.conf:
# $Header: /home/cvsroot/gentoo-src/rc-scripts/etc/nsswitch.conf,v 1.4
2002/11/18 19:39:22 azarah Exp $
passwd: compat winbind
shadow: compat
group: compat winbind
# passwd:db files nis
# shadow:db files nis
# group: db files nis
hosts: files dns
networks:files dns
services:db files
protocols: db files
rpc:
Re: [Samba] What happened to this list?
Hello again, Please understand, that this post was meant to flame no one. I have said it before and I say it now, I believe the samba team to be nothing less than saintly. The world owes them a debt of gratitude. I just wonder if some gurus outside the samba team should be delegated to peruse the list periodically for single posts, since it seems that the samba team is so busy lately. I am grateful to Opensource as a whole and samba in particular. I am no guru, but I will help where I can. Thank you all, Chris On Monday 19 July 2004 07:41 am, Chris wrote: Hello. I have been having some major troubles lately with samba and winbind. The last 5 posts I made, no one has responded. I did some looking around, and in the last several months it seems that very few people are getting any assistance at all on this list at all. Why is that? I haven't needed this list in years, but it used to be very different. Is there another place a person can go to get help with samba? I have faithfully followed the docs and it is still not working right, and it is most frustrating. Chris -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] pam_smbmount
Le Tue, Jul 20, 2004 at 11:17:06PM +1000, John Simovic a ecrit: Has anybody managed to get this working under linux and if not does anybody mount windows shares under linux without user intervention? yes, you can use the pam's libpam-mount module for this. Note that if you want to mount windows 2003 share, you need to patch the kernel for CIFS support, or use en 2.6 kernel. -- Jérôme -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: Smart Questions [Was: Re: [Samba] Re: What happened to this list?]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jeremy Allison wrote: |To be honest, you really need to realize WHOM you sent this to... Jeremy |Allison, is not the person *I* would send this to. | | | Oh I don't see why not, I ask as many stupid questions | as anyone :-) :-). It's true. Why just the other day oh wait. Maybe I shouldn't tell that story - -- jerry -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/TfMIR7qMdg1EfYRAlNSAJ4u+ocuZMzyw6SssYxYooi/pFU6pQCglUkv KyXwPBHv8ol49dxWKggeURM= =WgbF -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
Craig White wrote: On Mon, 2004-07-19 at 19:34, Jos Ildefonso Camargo Tolosa wrote: http://samba.idealx.org/smbldap-howto.fr.html as you recommended. I have one big question, which one do I put in '/etc/ldap.conf' nss_base_passwd dc=wbcoll,dc=edu?one nss_base_shadow dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one or nss_base_passwdou=Users,dc=wbcoll,dc=edu?one nss_base_shadowou=Users,dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Neither, use this: nss_base_passwd dc=wbcoll,dc=edu?sub nss_base_shadow dc=wbcoll,dc=edu?sub nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Look at the sub, it tells the system to descend to all the sub-objects it may have. --- It is pertinent to consider that this suggestion waives any efficiency for ease of use as it will tell all user lookups to search the entire LDAP tree. In fact, you should do something like this (that's what I did, if you read the thread): nss_base_passwd ou=Accounts,dc=wbcoll,dc=edu?sub nss_base_shadow ou=Accounts,dc=wbcoll,dc=edu?sub nss_base_group ou=Groups,dc=wbcoll,dc=edu?one And under ou=Accounts,dc=wbcoll,dc=edu, you create another ou: ou=People,ou=Accounts,dc=wbcoll,dc=edu here you place user accounts, and put this in the smb.conf for users ou=Computers,ou=Accounts,dc=wbcoll,dc=edu and here you place computers accounts. Off course, you can call Accounts whatever you want to call it: samba, domains, I don't know. I already told him to use his second choice as that is most efficient. I recognize that your option would permit the option of trying to use a separate organizational unit for Computers but this guy is endlessly confused, and simple is clearly better for his purposes, without considering the impact of excessive searching of the LDAP db. If you only have the ldap for samba, there will not be any problem. It will also allow you to create others ou to futher organize your users (you can't ask someone to have, let's say, 900 users in just one ou). This would also allow you to delegate the administration of a group of users to another person, without giving him access to the whole directory. I was endlessly confused myself when I started with this, I read many different howtos, all of them saying different things. And I have been a samba user for more than two years, I just started to use it with ldap about five months ago. Craig Ildefonso Camargo -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] HP-UX, problem with 3.0.5rc1 (was not in pre1)
I have built 3.0.5rc1 for testing, with the same options I was using for 3.0.5pre1. Unfortunately, however, when I build this one, everything tanks (save for one or two smaller utils) and dumps core. I have attached my configure script, shamelessly swiped from HP (but edited a little bit for my site) in their CIFS source. Would something in particular from the core file be helpful? This is HP-UX 11i, on an N4000 with HP ansiC. _ _ _ _ ___ _ _ _ |Y#| | | |\/| | \ |\ | | | Ryan Novosielski - Jr. UNIX Systems Admin |$| |__| | | |__/ | \| _| | [EMAIL PROTECTED] - 973/972.0922 (2-0922) \__/ Univ. of Med. and Dent. | IST/ACS - NJMS Medical Science Bldg - C630 # Check whether the necessary software is installed. # # Check for HP Kerberos libraries # Check for OpenLDAP or HP LDAP libraries # Check for libiconv # Check for autoconf # Check for autoheader # export SMBVER=3.0.5rc1 export CC=cc if [[ $(uname -m) = ia64 ]]; then export CFLAGS=+DD32 -DUSING_GROUPNAME_MAP -DWITH_SYSLOG -D_KERNEL_THREADS else export CFLAGS=+DA1.1 +DS1.1 -DUSING_GROUPNAME_MAP -DWITH_SYSLOG -L/umdapps/prod/ldapapp/local/lib -I/umdapps/prod/ldapapp/local/include fi export CPPFLAGS=-I/usr/local/include -L/usr/local/lib # Generate the version.h from script/mkversion.sh script/mkversion.sh if [[ $? != 0 || ! -f include/version.h ]] then print Cannot generate version.h, script/mkversion.h failed to run print successfully. exit 1 fi # Generate the config.h.in # using autoheader if [[ ! -f include/config.h.in ]] then /usr/local/bin/autoheader configure.in if [[ $? != 0 ]] then print Cannot generate config.h.in, autoheader failed to run print successfully. exit 1 fi fi # Generate the configure script from configure.in if [[ ! -f configure ]] then print Cannot locate configure script print Generating configure... /usr/local/bin/autoconf -o configure configure.in if [[ $? != 0 ]] then print Cannot generate configure, autoconf failed to run print successfully. exit 1 fi fi if [[ ! -x ./configure ]] then print Configure script is not executable. Adding a +x through print chmod chmod +x ./configure fi # Run configure script with the needed options to build Samba # ./configure \ --with-ldap \ --with-ldapsam \ --with-libiconv=/usr/local \ --without-winbind \ --with-quotas \ --with-utmp \ --with-syslog \ --prefix=/opt/samba-$SMBVER \ --libdir=/opt/samba-$SMBVER/lib \ --localstatedir=/var/samba \ --with-configdir=/etc/samba \ --with-privatedir=/etc/samba/private \ --with-lockdir=/var/spool/locks/samba \ --with-swatdir=/opt/samba-$SMBVER/swat \ --with-acl-support \ --with-msdfs \ --with-pam_smbpass \ --with-pam # Check build and running environment # Currently 11.00 BE is exactly same with 11.11 BE. # And 11.22 BE is exactly same with 11.23 BE, and 11.22 will not be deliveried. # 11.31 BE so far is the same with 11.23 BE, probably is diff from 11.23 in future. os_ver=`uname -r|cut -d . -f 3` case $os_ver in 11 | 00) version=11 ;; 22 | 23) version=23 ;; 31) version=$os_ver ;; esac for afile in include/config.h Makefile; do diff $afile $afile.$version if [[ $? != 0 ]]; then echo WARNING: $afile is different from $afile.$version. echo Please verify the differencies before running make. echo fi done -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
Mohammad Reza wrote: Dear lists... But this still un-solved the real problem to join w2k to samba3-ldap . I'm here with the same situation. I even switch my distro to SuSe with same result, still cant join domain. Please give us hint how to solve or debug this problem. Sorry, I looked at the thread, and I don't have info about your problem with w2k. According to what I read at the link posted by Abebe, I think it may be a problem with the unix system not seeing the machine account created automatically by samba (ie, the smbldap-useradd script). You should be able to do a su - winxp\$ as root, and it should log in: obelix:~# su - virtualxp\$ No directory, logging in with HOME=/ Off course, it will not give you a prompt as virtualxp\$, because the shell is /bin/false, but If the user didn't existed, it would answered: Unkown ID, or something like that. regards reza -Original Message- From: Craig White [mailto:[EMAIL PROTECTED] Sent: Tue 7/20/2004 9:48 AM To: [EMAIL PROTECTED] Cc: Subject:Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED On Mon, 2004-07-19 at 19:34, Jos Ildefonso Camargo Tolosa wrote: http://samba.idealx.org/smbldap-howto.fr.html as you recommended. I have one big question, which one do I put in '/etc/ldap.conf' nss_base_passwd dc=wbcoll,dc=edu?one nss_base_shadow dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one or nss_base_passwdou=Users,dc=wbcoll,dc=edu?one nss_base_shadowou=Users,dc=wbcoll,dc=edu?one nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Neither, use this: nss_base_passwd dc=wbcoll,dc=edu?sub nss_base_shadow dc=wbcoll,dc=edu?sub nss_base_group ou=Groups,dc=wbcoll,dc=edu?one Look at the sub, it tells the system to descend to all the sub-objects it may have. --- It is pertinent to consider that this suggestion waives any efficiency for ease of use as it will tell all user lookups to search the entire LDAP tree. I already told him to use his second choice as that is most efficient. I recognize that your option would permit the option of trying to use a separate organizational unit for Computers but this guy is endlessly confused, and simple is clearly better for his purposes, without considering the impact of excessive searching of the LDAP db. Craig -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Access denied to a Samba drive when use Backup Software
Hi! Here's my problem. I have a backup server. It's a Fedora Core 2 box with Samba 3.0.3-5. The client is Win XP. When I try to access to the network drive of my server with my backup software, the program said that the access is denied. But, when I mount the network drive, I can read, execute and write data on the drive. I really have no ideas where is the problem. I've try with these two share. But nothing work. [homes] comment = Home Directories browseable = no writeable = yes [PDF] comment = Dossier de creation des PDF path = /pub/pdf_out # valid users = yann joanne guy public = yes writable = yes printable = no Does somebody as the same problem??? Thanks a lot! Yann -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
I was having trouble sleeping last night, so I start going over your past e-mails. Do you remember you asking me that I need to make sure LDAP is authenticating system users? And I told you that it was. I was not completely lying, it authenticates 'testuser1' with no problem. However, 'administrator' is getting kicked out as soon as it logs in. Here is what it looks like: [EMAIL PROTECTED] root]# ssh [EMAIL PROTECTED] [EMAIL PROTECTED]'s password: Last login: Tue Jul 20 09:49:05 2004 from 192.168.1.17 Connection to 192.168.1.10 closed. [EMAIL PROTECTED] root]# Here is part of 'slapd.log': +++ Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:22:31 eaglex slapd[20508]: conn=7 fd=15 closed Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH base=dc=wbcoll,dc=edu scope=2 filter=((objectClass=posixAccount)(uid=administrator)) Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 fd=15 ACCEPT from IP=127.0.0.1:33263 (IP=0.0.0.0:389) Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=(uid=Administrator) Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND anonymous mech=implicit ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND dn=uid=Administrator,ou=Users,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND dn=uid=Administrator,ou=Users,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND anonymous mech=implicit ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=9 fd=18 ACCEPT from IP=127.0.0.1:33264 (IP=0.0.0.0:389) Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: deferring operation Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=((objectClass=shadowAccount)(uid=Administrator)) Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=8 op=4 UNBIND Jul 20 10:25:20 eaglex slapd[20508]: conn=8 fd=15 closed Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15 ACCEPT from IP=127.0.0.1:33265 (IP=0.0.0.0:389) Jul 20 10:25:20 eaglex slapd[20508]: conn=9 fd=18 closed Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=(uid=Administrator) Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH base=ou=Groups,dc=wbcoll,dc=edu scope=1 filter=((objectClass=posixGroup)(|(memberUid=Administrator)(uniqueMember=uid=administrator,ou=users,dc=wbcoll,dc=edu))) Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15 closed +++ Is it alright if I delete the files in '/var/lib/ldap/*' before I use 'slapindex'? When I do the 'ldapsearch' command, machine entry does not exist anymore. Here is my 'smb.conf' after taking out what you told me and using 'testparm -s /tmp/smb.conf'
[Samba] Active directory and trusted domains
I setup Samba a while ago in an active directory environment. There are many trusted domains (with a very lot lot of users and computer account), but i (my users) used only one, and all worked just fine Actually, some from others domains needs to connect to my shares. And even if i do not setupe any users, they cannot. So here are some few questions : I've this in my winbindd log file : [2004/07/20 16:29:48, 1] nsswitch/winbindd_util.c:winbindd_lookup_name_by_sid(429) Can't find domain from sid [2004/07/20 16:33:21, 1] nsswitch/winbindd_sid.c:winbindd_gid_to_sid(437) Could not convert gid 65534 to sid [2004/07/20 16:40:55, 1] nsswitch/winbindd_util.c:winbindd_lookup_name_by_sid(429) Can't find domain from sid [2004/07/20 16:40:55, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) krb5_get_credentials failed for [EMAIL PROTECTED] (KDC can't fulfill requested option) - Is 65534 a limitation? - credentials seems to fail, however MYAD is the only domain where there is no problems for accessing shares. - Is there any limitation in the idmap uid and idmap gid? A few minutes before, in the log, i've line that said others domains are correctly added. Regard's Vincent -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba+LDAP - so close yet so far :) ...STILL NOT SOLVED
abebe lsslp wrote: I was having trouble sleeping last night, so I start going over your past e-mails. Do you remember you asking me that I need to make sure LDAP is authenticating system users? And I told you that it was. I was not completely lying, it authenticates 'testuser1' with no problem. However, 'administrator' is getting kicked out as soon as it logs in. Here is what it looks like: [EMAIL PROTECTED] root]# ssh [EMAIL PROTECTED] [EMAIL PROTECTED]'s password: Last login: Tue Jul 20 09:49:05 2004 from 192.168.1.17 Connection to 192.168.1.10 closed. [EMAIL PROTECTED] root]# Off course: loginShell: /bin/false It logins, then just die, because it have no shell. :) Here is part of 'slapd.log': +++ Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Jul 20 10:22:31 eaglex slapd[20508]: conn=7 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:22:31 eaglex slapd[20508]: conn=7 fd=15 closed Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH base=dc=wbcoll,dc=edu scope=2 filter=((objectClass=posixAccount)(uid=administrator)) Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SRCH attr=uid userPassword uidNumber gidNumber cn homeDirectory loginShell gecos description objectClass Jul 20 10:25:17 eaglex slapd[20508]: conn=4 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 fd=15 ACCEPT from IP=127.0.0.1:33263 (IP=0.0.0.0:389) Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=(uid=Administrator) Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND anonymous mech=implicit ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND dn=uid=Administrator,ou=Users,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 BIND dn=uid=Administrator,ou=Users,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=2 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND anonymous mech=implicit ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=8 op=3 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: conn=9 fd=18 ACCEPT from IP=127.0.0.1:33264 (IP=0.0.0.0:389) Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:19 eaglex slapd[20508]: deferring operation Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=((objectClass=shadowAccount)(uid=Administrator)) Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SRCH attr=uid userPassword shadowLastChange shadowMax shadowMin shadowWarning shadowInactive shadowExpire Jul 20 10:25:19 eaglex slapd[20508]: conn=9 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=8 op=4 UNBIND Jul 20 10:25:20 eaglex slapd[20508]: conn=8 fd=15 closed Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15 ACCEPT from IP=127.0.0.1:33265 (IP=0.0.0.0:389) Jul 20 10:25:20 eaglex slapd[20508]: conn=9 fd=18 closed Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu method=128 Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 BIND dn=cn=Manager,dc=wbcoll,dc=edu mech=simple ssf=0 Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=0 RESULT tag=97 err=0 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1 SRCH base=dc=wbcoll,dc=edu scope=2 filter=(uid=Administrator) Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH base=ou=Groups,dc=wbcoll,dc=edu scope=1 filter=((objectClass=posixGroup)(|(memberUid=Administrator)(uniqueMember=uid=administrator,ou=users,dc=wbcoll,dc=edu))) Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SRCH attr=cn userPassword memberUid uniqueMember gidNumber Jul 20 10:25:20 eaglex slapd[20508]: conn=10 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text= Jul 20 10:25:20 eaglex slapd[20508]: conn=10 fd=15 closed +++ Is it alright if I delete the files in '/var/lib/ldap/*' before I use 'slapindex'? When I do the 'ldapsearch' command, machine entry does not exist anymore. Here is my
[Samba] problem joining a domain after upgrade
hello, I've upgraded my samba server to samba 3.02. The roaming profiles works fine. But I've got a problem with the workstation accounts. On some machine (not all of them), I can't load any roaming profile. I've got to log localy as administrator and to join manually the domain. Then everything works fine. The matter is that I've got a lot of machine with this problem... is there a way to automatically do this ? The workstation are running Windows2000. And if someone knows why it happends only on some workstation... thanks, Fabrice Tereszkiewicz -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LOGIC ERROR in smbd locks system...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Maier, Thomas wrote: | Hello, | | i have a little problem here: | | Using Samba 2.2.2 with IBM ClearCase (2003) on a Sun Solaris | 8 machine (2 cpus, 4G ram) (IBM does not support Samba 3.0 | with Clearcase, maybe Samba 3.0 will fix the problem, but not able | to test it yet). There are more than 100 smbd processes running | in average. Load average of the maschine: under 1.0 in | normal operation. | | But from time to time there are system locks, means: there | are many smbd's running (over 50 and more) that produces | n load average of over 50.0 ! These processes consume about | 2% cpu time per smbd, resulting in: cpu state: 0% idle 10% | user 90% kernel. Thomas, The 2.2. branch is no linger under development or maintenance. However at the very least I would suggest upgrading to to Samba 2.2.9. I remember this code and when Jeremy was working on it. Changes are that 2.2.9 will be better for you. I don't remember the Solaris lock kernel bug was Solaris 7, 8, or 9 (or all three). But check with you Sun rep about the fcntl() kernel lock patch. Don't remember the patch # right now. Sorry. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/Uo8IR7qMdg1EfYRAj/rAJ9aScH9DGqQUYBw/1OL/nGf78XvaACgjLrG fqetpaETctETm32G4oVHnqE= =wab/ -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Rpm for Redhat v7.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Hi | | Could you suggest where I can download a samba-2.2.6 or | samba-2.2.9 rpm for Redhat Linux v7.1. | I am presently using a samba-2.2.3a server but Windows | XP clients create extra files when saving or copying to | this samaba server. Grab the SRPM from samba.org and run 'rpm --rebuild ' on it is the best bet I think. | | Best regards, | | Gary Marshall | e-Protector | Tel: 0870 0278302 | Mob: 07769 747080 | Fax: 0115 9227111 | | | | | ** | This email and any files transmitted with it are confidential and | intended solely for the use of the individual or entity to whom they | are addressed. If you have received this email in error please notify | [EMAIL PROTECTED] | | This footnote also confirms that this email message has been swept | for the presence of computer viruses. | ** | - -- - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/U9oIR7qMdg1EfYRApqAAKC5GL7fnNrcungDW9Vzm5zbBY+C+QCdHHje WNNCRYQnw1vfkWxri4gHuGw= =CaYv -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: String overflow in safe_strcpy .
you can change mangle prefix to specify the number of characters you want to stay the same. Just remember the more letters that remain the same the more likely you will get a collision and slow things down. Carl Matthews wrote: Is there another way to make shares readable to 16 bit apps that use the 8.3 filename. because with out specifying mangling method = hash the file names are completly mangled and only the first letter remains the same. Where as mangling method = hash only mangles the last 3 letters. Carl. Carl Matthews wrote: Hi Jeremy, Sorry for not replying sooner, ive attached my config file. as a quick test, I created a folder called : Test Directory That Is Long under which i created a folder called This folder is long too and a file called This Folder is long.txt and this gives me the string errors. Thanks. Jeremy Allison wrote: On Wed, Jul 14, 2004 at 11:03:26PM +0100, Carl wrote: Just Installed 3.0.5rc1 and the problem persists unfortunately, Ok, can you give me the smb.conf file and the directory and filenames you're using. I'll see if I can reproduce with the latest SVN code. Thanks, Jeremy. # Samba config file created using SWAT # from 0.0.0.0 (0.0.0.0) # Date: 2004/06/23 10:15:40 # Global parameters [global] server string = Mandrake1 netbios aliases = FC1 password server = None guest account = mleall username map = /etc/samba/smbusers log level = 0 log file = /var/log/samba/%m.log max log size = 500 name resolve order = wins lmhosts host bcas deadtime = 15 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 load printers = No mangling method = hash preferred master = Yes domain master = No dns proxy = No wins support = Yes oplock break wait time = 100 ldap ssl = no valid users = @MLE-ALL create mask = 0775 directory mask = 0775 guest ok = Yes dos filemode = Yes [NET-Eng] comment = Product Design By Genius path = /mnt/mle-net/MLE-NET/MLE-NET-Eng write list = @MLE-ALL force user = mleall read only = No [NET-GMDB] comment = MLE-NET GoldMine DB path = /mnt/mle-net/MLE-NET/MLE-NET-GMDB write list = @MLE-ALL force user = mleall read only = No veto oplock files = /*.DBT/*.DBF/*.MDX/ blocking locks = No level2 oplocks = No dos filemode = No [NET-Public] comment = MLE-NET Public Share path = /home/local/samba-public write list = @MLE-ALL force user = mleall read only = No copy = NET-Eng -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba as a portable userland FS basis?
1. Is it possible to build/run the Samba _server_ on Windows (e.g. using Cygwin)? a quick ./configure test on Cygwin results in: ... checking whether to use included popt... ./popt checking configure summary... ERROR: No locking available. Running Samba would be unsafe configure: error: summary failure. Aborting config [EMAIL PROTECTED] ~/samba-2.2.9/source after hacking/forcing configure to go on by inserting samba_cv_HAVE_FCNTL_LOCK=yes the configure runs till' end with no further complaints. moreover: make runs through without complaints (some C warnings which look like expected ..). then make install has it's problems: [EMAIL PROTECTED] ~/samba-2.2.9/source $ make install Using FLAGS = -O -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE=/usr DSBINDIR=/usr/local/samba/bin -DLOCKDIR=/usr/local/samba/var/locks -DCODEPAGEDIR=/usr/loca IBDIR=/usr/local/samba/lib -DHAVE_INCLUDES_H -DPASSWD_PROGRAM=/usr/bin/passwd -DSMB_PASSWD_ Using FLAGS32 = -O -I./popt -Iinclude -I./include -I./ubiqx -I./smbwrapper -DLOGFILEBASE=/u -DSBINDIR=/usr/local/samba/bin -DLOCKDIR=/usr/local/samba/var/locks -DCODEPAGEDIR=/usr/lo DLIBDIR=/usr/local/samba/lib -DHAVE_INCLUDES_H -DPASSWD_PROGRAM=/usr/bin/passwd -DSMB_PASSW Using LIBS = -lcrypt /bin/sh ./install-sh -d -m 0755 /usr/local/samba /bin/sh ./install-sh -d -m 0755 /usr/local/samba/bin /bin/sh ./install-sh -d -m 0755 /usr/local/samba/bin /bin/sh ./install-sh -d -m 0755 /usr/local/samba/lib /bin/sh ./install-sh -d -m 0755 /usr/local/samba/var /bin/sh ./install-sh -d -m 0755 /usr/local/samba/var/locks /bin/sh ./install-sh -d -m 0755 /usr/local/samba/lib/codepages Installing bin/smbd as /usr/local/samba/bin/smbd cp: `bin/smbd' and `/usr/local/samba/bin/smbd' are the same file chmod: getting attributes of `/usr/local/samba/bin/smbd': No such file or directory Installing bin/nmbd as /usr/local/samba/bin/nmbd cp: `bin/nmbd' and `/usr/local/samba/bin/nmbd' are the same file chmod: getting attributes of `/usr/local/samba/bin/nmbd': No such file or directory Installing bin/swat as /usr/local/samba/bin/swat cp: `bin/swat' and `/usr/local/samba/bin/swat' are the same file chmod: getting attributes of `/usr/local/samba/bin/swat': No such file or directory ... after manually copying the binaries like make install tried, I reran make install to get the codepages installed, since now it can find the binaries needed for this then, I copied C:\cygwin\home\tob\samba-2.2.9\examples\smb.conf.default to C:\cygwin\usr\local\samba\lib\smb.conf with slight editing now, at least basic functionality seem to work: [EMAIL PROTECTED] ~ $ smbd -i -d 10 -s /usr/local/samba/lib/smb.conf ... load_unicode_map: loading unicode map for codepage 850. load_unix_unicode_map: ISO8859-1 (init_done=0, override load_unicode_map: loading unicode map for codepage ISO8 loaded services fcntl_lock 5 8 0 1 2 fcntl_lock: Lock call successful claiming 0 bind succeeded on port 139 ... waiting for a connection and $ smbclient -L localhost added interface ip=192.168.1.101 bcast=192.168.1.255 nmask=255.255.255.0 Password: Anonymous login successful Domain=[ARBEITSGRUPPE] OS=[Unix] Server=[Samba 2.2.9] Sharename Type Comment - --- tmpDisk Temporary file space IPC$ IPC IPC Service (Samba Server) ADMIN$ Disk IPC Service (Samba Server) Server Comment ---- WorkgroupMaster ---- [EMAIL PROTECTED] ~ so this leaves me with the question: Is the fcnlt/locking issue on Cygwin significant? 2. Is there a reasonable internal API within the Samba server which could be used to stack unusual FS stuff on top? I just learned there is a VFS interface to implement modules to do various unusual things. Is this the recommended way of extending Samba? Cheers, Tobias -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Virus checker leaving chmod of files in samba log
Hi all, I am running a Samba 3.0.0-14.3E server on a RedHat Enterprise WS3. Here's the problem: When I am connected from my PC (Windows 2000) and run the MacAffee v4.5.1 virus scanner on the connected share, I see the following in the Samba log file (debug level=2) for what appears to be each file in the share: [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/trans2.c:call_trans2setfilepathinfo(3091) chmod of media/._media1.pov failed (Operation not permitted) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=No write=Yes (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) Note the chmod of media/._media1.pov failed (Operation not permitted) line. Does anyone know what the virus scanner is trying to do? -Jim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Slowdown due to change in DC lookup from 3.0.1 to 3.0.2a
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Derek Holden wrote: | I am experiencing slowdown due to changes introduced | after 3.0.1 to the various DC lookup routines. I have | it narrowed down but don't know where to go from here. | First the relevant pieces of the conf: | | [global] |workgroup = COMPANY.COM |security = server |log level = 4 auth:6 |password server = SERVER1 SERVER2 |wins server = 10.0.0.29 |os level = 0 |domain / preferred / local master = no |dns proxy = no ... | It appears before ads_dc_name () was being | alled before because the condition strchr_m(domain, '.') | was passing due to the domain being 'COMPANY.COM' in | the conf. This is why the check was considered to be bogus. having a '.' in a netbios name always ends in tears. Set workgroup to be the short version of the AD realm name. Then the name should resolve via WINS. | Now it fails because it it is checking either ADS | security mode or realm. However, realm is set to NULL | from the enumerate_domain_trusts call. | | So that's where I am at. I don't have the priviledges at | the company to add this server to the domain, which is | why security mode is server. I'd appreciate any help | or pointers. Thanks a lot, cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/VlnIR7qMdg1EfYRAq37AKDjUmYB6z37pUbWpKXPK+v46jEqbACgtkFv XnURNQjeDQjILgeU3ljf9co= =BmhS -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Delete directory on mounted system
Hello, I'm french so sorry for my mistakes. I have samba server 2.2.8 on mdk and one PC on Fedora Core II in local network. I have mounted some smb directory on my FC2 . All work fine but just i can't delete any directory on my FC2 however i have all the rights. That made 4 days that I seek but I found anything. Thank for your help. -- Cordialement, toute l'quipe de LinuxPourLesNuls. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Invitation to Hawaii (USA) and Amalfi (Italy) vip/ka
Dear Dr. Samba, This is an invitation for you to attend two IPSI BgD multidisciplinary and interdisciplinary conferences, one in Hawaii, and one in Amalfi, as follows: IPSI-2005 HAWAII Big Island Hawaii (arrival: 06.01.2005. departure: 09.01.2005.) Deadlines: 1 October 2004 (abstract) + 30 October 2004 (full paper) IPSI-2005 AMALFI Amalfi, Italy (arrival: 17.02.2005. departure: 20.02.2005.) Deadlines: 17 October 2004 (abstract) + 7 December 2004 (full papers) If you like to obtain more information on both conferences, please reply to this email. All IPSI BgD conferences are non-profit! They bring together the elite of the world science (so far, 7 times a Nobel Laureate was talking at the opening ceremony), and they take place in the leading hotels of the world. Topics of interest include, but are not limited to: Internet, Computer Science and Engineering, Management and Business Administration, Education, e-Medicine, Electrical Engineering, Bioengineering, Environment Protection, and e-Economy. These conferences are in line with the newest recommendations of NSF and EU to stress multidisciplinary, interdisciplinary, and transdisciplinary research, and truly support this type of scientific interraction. Sincerely Yours, Prof. V. Milutinovic, Chairman PS - If you plan to submit an abstract/paper, let us know immediately. If you are not able to attend now, but you like to be informed about the future IPSI BgD conferences, please let us know. If you do not like to receive future invitations, let us know, as well! -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Samba + ADS + User Accounts
Hello, We have a windows 2003 server hosting ADS. We also have a fedora core 2 file server running samba 3.0.2a. We have it currently configured to join the ADS domain. We Can use Winbind to see users, groups, etc. We can even browse samba shares from windows computers. However one thing we don't know: What we want to do is when a user is added to ADS for samba to create a user directory (like it does when you run adduser in linux) with proper ownership of that dirrectory. Can samba do this? If so, how do we set up samba to do that?? Thanks Dan Strohschein Director of Software The Wifi Link -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Windows permissions
Greetings NG- I'm putting together a Samba domain for the first time, using 3.0.2a-Debian. I have created a good smb.conf file (based on the Howto book by John Terpstra), including the following line to disable roaming profiles everywhere: logon path = Thanks to Josh Ginsberg and company for that one! Now I have created one logon user and have logged on successfully from a Win2k/pro machine without incident. However, this user does not have Administrator privaledges on the windows machine. I need a samba domain user that logs in and has all the privaledges that a local Administrator user has. Is this possible? I would think this should be configurable on the server, as authentication is all done via SMB/CIFS. Am I right? I have investigated the smbpasswd command, thinking it should be in there somewhere, but no dice. TIA, Jake Marble LandEZ -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] Virus checker leaving chmod of files in samba log
I have some more information and a possible clue to what is going on here. 1) The chmod was only happening to files that I did not own. 2) These files were on Samba shares that I had write access to. Readonly shares did not give me this behavior on any file. Writable shares only gave me this behavior on files I did not own. This behavior was noted in the archives: http://lists.samba.org/archive/samba/2003-March/063621.html and http://lists.samba.org/archive/samba-technical/2003-November/032624.html with the first reference stating the following: - When the laptop user connects to the network, and starts to synchronize, the synchronization fails with NT_STATUS_ACCESS_DENIED. A bit of tracing through debugging output show that: * Synchronization fails only on files not owned by the laptop owner * The laptop user is in the correct unix group to read and write these files, and smbd knows this. * Some packet dumping shows that the actual point of failure comes when the laptop issues a SET_FILE_INFORMATION request. It looks like XP is trying to set the mode of the files (even though it doesn't need to). Samba is doing the right thing and translates this into a chmod call, which fails correctly due to the file owner not being the laptop user. - Now I was running a Virus Scanner and not synchronizing my files (knowingly), but the behavior is the same and repeatable. I'm guessing that the virus scanner is performing a syncronization during its scanning. Anyway, it seems harmless but really clogs the logs at debug level 2! Any other pointers appreciated. It appears harmless but will be keeping my eye on it. -Jim -Original Message- From: Sullivan, James (NIH/CIT) Sent: Tuesday, July 20, 2004 1:09 PM To: '[EMAIL PROTECTED]' Subject: [Samba] Virus checker leaving chmod of files in samba log Hi all, I am running a Samba 3.0.0-14.3E server on a RedHat Enterprise WS3. Here's the problem: When I am connected from my PC (Windows 2000) and run the MacAffee v4.5.1 virus scanner on the connected share, I see the following in the Samba log file (debug level=2) for what appears to be each file in the share: [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=Yes write=No (numopen=1) [2004/07/20 13:02:51, 2] smbd/trans2.c:call_trans2setfilepathinfo(3091) chmod of media/._media1.pov failed (Operation not permitted) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) sullivan opened file media/._media1.pov read=No write=Yes (numopen=1) [2004/07/20 13:02:51, 2] smbd/close.c:close_normal_file(228) sullivan closed file media/._media1.pov (numopen=0) [2004/07/20 13:02:51, 2] smbd/open.c:open_file(250) Note the chmod of media/._media1.pov failed (Operation not permitted) line. Does anyone know what the virus scanner is trying to do? -Jim -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba/LDAP/PDC Questions
Thank you for the response! 1. In what situtation do I need People group as the group for machines? Always. Until they fix the bug/design issue that is. OK, I reconfigured smb.conf and smbldap_config.pm to Users for users, Groups for groups, and People for computers. 2. Should the PDC itself be in the ldap backend database? I haven't found a good reason that it 'has' to in my tests. I did join PDC to the domain using 'net rpc join -Uadministrator%secret' according to John H. Terpatra's Samba-3 by Example. After joining, I do see the PDC machine is the ldap backend database. 3. In the /etc/ldap.conf, if I turn on the nss staff, I cannot log in to the dmain anymore. It said User does not exist. Can you expand on this a bit more? From what you've said (which isn't much) it almost sounds like you didn't have ldap working as the posix auth system before you layered on samba. My /etc/ldap.conf is as follow: host 127.0.0.1 base dc=ab,dc=com # nss_base_passwdou=Users,dc=ab,dc=com?one # nss_base_shadowou=Users,dc=ab,dc=com?one # nss_base_group ou=Group,dc=ab,dc=com?one ssl no pam_password md5 # What I was trying to say is that the three nss_base lines: o with or without them, I can do 'getent password' etc with all the posixAcounts o with them uncommented, I cannot loginto a domain account from an XP machine, though the XP machine itself joined the domain on a fly. [* actually I cannot login to a domain account from the XP no matter what after I reconfigure the PDC with People for computers *] So I wonder what exactly these three lines do. The PDC is on Fedora 2 system. I ran authconfig to enable ldap authentication. The pam.d is automatically configured. I am not sure it is using ldap_nss stuff at all. Right now, I can join the XP machine into the domain but after reboot I just cannot log into domain Administrator account. The error from the XP is The system could not log you on, Make sure your user name and domain are correct, then type your oassword again. From the log.xp file, I see errors. Any suggestion? -- Kang Sun # [2004/07/20 14:42:38, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1397) failed to decode PDU [2004/07/20 14:42:38, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605) process_request_pdu: failed to do schannel processing. ## -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
RE: [Samba] The next Logical Check for SWAT
I know this might be out in left field, but have you checked your hosts.allow and hosts.deny files in /etc? Patti Clark -Original Message- From: Robert Robinson [mailto:[EMAIL PROTECTED] Sent: Friday, July 16, 2004 4:14 PM To: [EMAIL PROTECTED] Subject: [Samba] The next Logical Check for SWAT Samba is working SWAT is loaded and listening on port 901 I have reconfirmed the syntax of the services file I have reconfirmed the syntax of the SWAT file in xinet.d When I go to localhost:901 nothing happens. It just sits there. WHat is the next logical check in my attempt to get SWAT working? BTW: It works fine if I use Webmin -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: locks cooperating with a server side process
Chris Green [EMAIL PROTECTED] writes: I'm having a problem where I can gain the lock but the process is still writing to the file. OK, I realized that putting python in might have scared away anyone that knew C enough to help me out on my problem so I wrote a tiny util to look at the fcntl based locks. http://cmg.dok.org/code/lockview.c As I copy the file from NT - Linux 2.4, There are no locks set on the file. However, if I turn strict locking on, posix.c/is_posix_locked will return true as soon as I gain the lock and abort the copy. If just plain locking is on, the file will be deleted as soon as the copy is complete if another process has gained a write lock. Does anyone else use samba as a drop box for a unix process? Is there anyway to make a file be locked upon creation with the copy command? I have a hard time figuring out all the paramters for open_file_shared1 [2004/07/20 13:21:37, 5] smbd/files.c:file_new(123) allocated file structure 5634, fnum = 9730 (2 used) [2004/07/20 13:21:37, 10] smbd/open.c:open_file_shared1(807) open_file_shared: fname = output/Testing/cygwin.tar, share_mode = 11, ofun = 10, mode = 660, oplock request = 3 Thanks, Chris -- Chris Green [EMAIL PROTECTED] Eschew obfuscation. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: String overflow in safe_strcpy - bug in documentation
Herb Lewis schrieb: you can change mangle prefix to specify the number of characters you want to stay the same. Just remember the more letters that remain the same the more likely you will get a collision and slow things down. http://de.samba.org/samba/docs/man/smb.conf.5.html mangling method (G) controls the algorithm used for the generating the mangled names. Can take two different values, hash and hash2. hash is the default and is the algorithm that has been used in Samba for many years. hash2 is a newer and considered a better algorithm (generates less collisions) in the names. However, many Win32 applications store the mangled names and so changing to the new algorithm must not be done lightly as these applications may break unless reinstalled. Default: mangling method = hash2 Example: mangling method = hash But: hash is not the default (this was in 2.2.x) der tom -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: locks cooperating with a server side process
I'm having a problem where I can gain the lock but the process is still writing to the file. If your building a 'drop box' so to speak, where a process picks up files after they are copied in, perhaps you want to look into hooking for application into 'fam' http://oss.sgi.com/projects/fam/ man fam: ... fam is a server that tracks changes to the filesystem and relays these changes to interested applications. Applica tions such as fm(1G) and mailbox(1) present an up-to-date view of the filesystem. In the absence of fam, these applications and others like them are forced to poll the filesystem to detect changes. fam is more efficient. Applications can request fam to monitor any files or directories in any filesystem. When fam detects changes to monitored files, it notifies the appropriate applica tion. The FAM API provides a programmatic interface to fam; see fam(3X). fam is informed of filesystem changes as they happen by the kernel through the imon(7M) pseudo device driver. If asked to monitor files on an NFS mounted filesystem, fam tries to use fam on the NFS server to monitor files. If fam cannot contact a remote fam, it polls the files instead. fam also polls special files. ... -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] LOGIC ERROR in smbd locks system...
On Tue, Jul 20, 2004 at 10:22:02AM +0200, Maier, Thomas wrote: Hello, i have a little problem here: Using Samba 2.2.2 with IBM ClearCase (2003) on a Sun Solaris 8 machine (2 cpus, 4G ram) (IBM does not support Samba 3.0 with Clearcase, maybe Samba 3.0 will fix the problem, but not able to test it yet). There are more than 100 smbd processes running in average. Load average of the maschine: under 1.0 in normal operation. But from time to time there are system locks, means: there are many smbd's running (over 50 and more) that produces an load average of over 50.0 ! These processes consume about 2% cpu time per smbd, resulting in: cpu state: 0% idle 10% user 90% kernel. 2.2.2 is old even for the 2.2.x series :-). Please upgrade either to 3.0.x or the last 2.2.x version (2.2.9 I believe). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Help using Samba in ADS environment
Hello all, Forgive me as this is probably a common question. However, I could not find an answer while searching. I have a few Linux servers running Samba 2.2.x that are hosting open shares with guest read/write access. I would like to have these become a member of the active directory and allow pass-thru authentication and authorizations to the shares hosted. I find where I can join the domain and set it to domain mode. However, it's not clear how to do pass-thru authentication. I do not want to create local user accounts for all users. I want to allow read/write share access to a global group. Can anyone direct me to an FAQ or instructions on setting this up properly? Thanks. --- Shawn Poulson [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-3.0.4 - PANIC: Could not generate a machine SID
Thanks to Jim C. for his suggestion of winbind, which I will also pursue. However, this specific problem was corrected by moving the private directory from NFS to a local filesystem. I recall experiencing this situation before. Okay, Solaris gurus, what exactly causes this problem? Is it unique to Solaris? Is it something to be avoided by software (Samba) developers? Mike Searching the archives for a solution to this problem revealed no solution. Recently I built Samba-3.0.4 from downloaded source on a computer running Solaris 8. I wish to have this computer join a Windows NT 4.0 domain (as only a member.) I have another computer currently running Samba-2.0.7 as a member in this domain. (The goal is to have Samba-3.0.4 replace Samba-2.0.7.) After a successful build, I copied the Samba-2.0.7 smb.conf to Samba-3.0.4 and changed the necessary identification statements. (testparm runs clean.) If needed, I will post smb.conf. Key smb.conf statements: security = domain encrypt passwords = yes password server = xyzzy Samba is started via (complete path not shown): .../nmbd -D .../smbd -D # ls -ald /usr/local/samba/private drwxr-xr-x 2 root other 4096 Jul 12 17:23 /usr/local/samba/private # ls -l /usr/local/samba/private/secrets.tdb -rw--- 1 root root8192 Jul 13 13:32 /usr/local/samba/private/secrets.tdb smbd repeatedly fails producing the following messages in the log: [2004/07/13 12:50:24, 0] tdb/tdbutil.c:tdb_log(725) tdb(/SOURCES/samba-3.0.4/private/secrets.tdb): tdb_lock failed on list 30 ltype=1 (Resource temporarily unavailable) [2004/07/13 12:50:24, 0] tdb/tdbutil.c:tdb_log(725) tdb(/SOURCES/samba-3.0.4/private/secrets.tdb): tdb_lock failed on list 30 ltype=2 (Resource temporarily unavailable) [2004/07/13 12:50:24, 0] passdb/machine_sid.c:pdb_generate_sam_sid(176) pdb_generate_sam_sid: Failed to store generated machine SID. [2004/07/13 12:50:24, 0] lib/util.c:smb_panic2(1398) PANIC: Could not generate a machine SID [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(36) === [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(37) INTERNAL ERROR: Signal 6 in pid 24581 (3.0.4) Please read the appendix Bugs of the Samba HOWTO collection [2004/07/13 12:50:24, 0] lib/fault.c:fault_report(39) === [2004/07/13 12:50:24, 0] lib/util.c:smb_panic2(1398) PANIC: internal error Thanks, in advance, for any help that you may offer. Mike Box -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Samba-3.0.4 - PANIC: Could not generate a machine SID
On Tue, Jul 20, 2004 at 04:11:57PM -0400, Mike Box wrote: Thanks to Jim C. for his suggestion of winbind, which I will also pursue. However, this specific problem was corrected by moving the private directory from NFS to a local filesystem. I recall experiencing this situation before. Okay, Solaris gurus, what exactly causes this problem? Is it unique to Solaris? Is it something to be avoided by software (Samba) developers? Solaris won't allow fcntl locks on mmap'ed files on an NFS mounted filesystem. Some would call that a bug. :-). Yes, it's unique to Solaris. Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Log shows NT4 for an ADS domain
I'm trying to learn about the interactions between SAMBA and win2k DCs. The eventual goal is to have a Win2k server with ADS working with a freeBSD SAMBA server. I've used the setup from http://oslabs.mikro-net.com/fbsd_samba.html as the basis for what I've done so far. Winbind seems to work and I can show users and groups using wbinfo although I see some things in the logs that I haven't been able to figure out. I'm using a native Win2k ADS domain, but when winbindd is starting up my log shows HOME is an NT4 domain... Home was an mixed mode domain when I first started working with SAMBA, but I have converted it since then. I thought I had removed all traces of the old domain from SAMBA, and rejoined the ADS domain. Do ADS domains still show NT4 in the log? or do I have something messed up? If there's a better reference for the log messages, please point me in the right direction. Thanks for the help, Joe In this log snippets: - home.local is the Win2k domain - frosty.home.local is the DC - kara.home.local is the Samba box. [2004/07/20 20:08:31, 3] nsswitch/winbindd_util.c:add_trusted_domain(173) add_trusted_domain: HOME is an NT4 domain [2004/07/20 20:08:31, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain HOME HOME.LOCAL S-0-0 ... [2004/07/20 20:08:31, 3] nsswitch/winbindd_util.c:add_trusted_domain(173) add_trusted_domain: BUILTIN is an NT4 domain [2004/07/20 20:08:31, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain BUILTIN S-1-5-32 [2004/07/20 20:08:31, 3] nsswitch/winbindd_util.c:add_trusted_domain(173) add_trusted_domain: KARA is an NT4 domain [2004/07/20 20:08:31, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain KARA S-1-5-21-3424855220-147354258-856157331 complete winbind log (level 5) winbindd version 3.0.4 started. Copyright The Samba Team 2000-2004 [2004/07/20 20:08:31, 2] param/loadparm.c:do_section(3392) Processing section [homes] [2004/07/20 20:08:31, 2] param/loadparm.c:do_section(3392) Processing section [storage] [2004/07/20 20:08:31, 3] param/loadparm.c:lp_add_ipc(2359) adding IPC service [2004/07/20 20:08:31, 3] param/loadparm.c:lp_add_ipc(2359) adding IPC service [2004/07/20 20:08:31, 2] lib/interface.c:add_interface(79) added interface ip=10.0.0.102 bcast=10.0.0.255 nmask=255.255.255.0 [2004/07/20 20:08:31, 2] lib/interface.c:add_interface(79) added interface ip=10.0.0.102 bcast=10.0.0.255 nmask=255.255.255.0 [2004/07/20 20:08:31, 2] lib/tallocmsg.c:register_msg_pool_usage(57) Registered MSG_REQ_POOL_USAGE [2004/07/20 20:08:31, 2] lib/dmallocmsg.c:register_dmalloc_msgs(71) Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED [2004/07/20 20:08:31, 3] nsswitch/winbindd_util.c:add_trusted_domain(173) add_trusted_domain: HOME is an NT4 domain [2004/07/20 20:08:31, 1] nsswitch/winbindd_util.c:add_trusted_domain(180) Added domain HOME HOME.LOCAL S-0-0 [2004/07/20 20:08:31, 3] libads/ldap.c:ads_connect(218) Connected to LDAP server 10.0.0.100 [2004/07/20 20:08:31, 3] libads/ldap.c:ads_server_info(2029) got ldap server name [EMAIL PROTECTED], using bind path: dc=HOME,dc=LOCAL [2004/07/20 20:08:31, 3] nsswitch/winbindd_cm.c:cm_get_ipc_userpass(110) IPC$ connections done anonymously [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_start_connection(1373) Connecting to host=FROSTY [2004/07/20 20:08:31, 3] lib/util_sock.c:open_socket_out(735) Connecting to 10.0.0.100 at port 445 [2004/07/20 20:08:31, 5] nsswitch/winbindd_cm.c:cm_open_connection(256) connecting to FROSTY from KARA with kerberos principal [EMAIL PROTECTED] [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(705) Doing spnego session setup (blob length=106) [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(730) got OID=1 2 840 48018 1 2 2 [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(730) got OID=1 2 840 113554 1 2 2 [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(730) got OID=1 2 840 113554 1 2 2 3 [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(730) got OID=1 3 6 1 4 1 311 2 2 10 [2004/07/20 20:08:31, 3] libsmb/cliconnect.c:cli_session_setup_spnego(737) got [EMAIL PROTECTED] [2004/07/20 20:08:31, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(535) Doing kerberos session setup [2004/07/20 20:08:31, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(245) Ticket in ccache[MEMORY:cliconnect] expiration Wed, 21 Jul 2004 06:08:31 GMT [2004/07/20 20:08:31, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(181) lsa_io_sec_qos: length c does not match size 8 [2004/07/20 20:08:31, 3] nsswitch/winbindd_ads.c:alternate_name(932) ads: alternate_name [2004/07/20 20:08:31, 3] libads/ldap.c:ads_connect(218) Connected to LDAP server 10.0.0.100 [2004/07/20 20:08:31, 3] libads/ldap.c:ads_server_info(2029) got ldap server name [EMAIL PROTECTED], using bind path: dc=HOME,dc=LOCAL [2004/07/20
Re: [Samba] Re: locks cooperating with a server side process
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris Green wrote: ... | Does anyone else use samba as a drop box for a unix process? | | Is there anyway to make a file be locked upon creation with the copy | command? I have a hard time figuring out all the paramters for | open_file_shared1 Chris, This kind og question is probably better suited for the samba-technical mailing list. I would repost there. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YEHIR7qMdg1EfYRArGLAJ9cDIX+qpu1jo3MDK8wt4CitjBn8wCePDzn tNaMlQ4irMheC+EwD8vUAa8= =IOzG -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: roaming profiles and samba
Just don't do roaming profiles... thread on that recently in this list. -- Michael Lueck Lueck Data Systems Remove the upper case letters NOSPAM to contact me directly. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Failed to issue the StartTLS instruction: Connect error
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 O Plameras wrote: | Hi, | | I have two LDAP Servers with similar configurations. | The main difference is that one runs Linux Fedora 1 and the other Linux | Fedora 2. The Fedora 2 server runs | correctly whilst the Fedora 1 LdAP doesn't with the error: | | Failed to issue the StartTLS instruction: Connect error. | | Following is an example of error message on Fedora 1. | | [EMAIL PROTECTED] etc]# net getlocalsid | [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_open_connection(624) | Failed to issue the StartTLS instruction: Connect error | [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_search_suffix(1126) | smbldap_search_suffix: Problem during the LDAP search: | error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake | failure (Connect error) | SID for domain LINUX is: S-1-5-21-631164965-3065778426-3560323935 | [EMAIL PROTECTED] etc]# | | Can someone tell what and where I should be looking for ? Thanks. aMake sure that you can connect to the LDAP directory server using ldapsearch -ZZ. This is probably an issue with the LDAP server's certificate. Probably not a Samba issue. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YIaIR7qMdg1EfYRAlqxAKCvVAECs5lpQNNrFMKs8C1iJLWbrQCgrFge DLR45310EeTiXsVUVhv4O7Y= =iQiG -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: Samba/LDAP/PDC Questions
[EMAIL PROTECTED] wrote: Thank you for the response! And thank you for also posting in plaintext. That fonted stuff was tough to read. 2. Should the PDC itself be in the ldap backend database? I haven't found a good reason that it 'has' to in my tests. I did join PDC to the domain using 'net rpc join -Uadministrator%secret' according to John H. Terpatra's Samba-3 by Example. After joining, I do see the PDC machine is the ldap backend database. Nothing wrong with that... 3. In the /etc/ldap.conf, if I turn on the nss staff, I cannot log in to the dmain anymore. It said User does not exist. Can you expand on this a bit more? From what you've said (which isn't much) it almost sounds like you didn't have ldap working as the posix auth system before you layered on samba. My /etc/ldap.conf is as follow: host 127.0.0.1 base dc=ab,dc=com # nss_base_passwdou=Users,dc=ab,dc=com?one # nss_base_shadowou=Users,dc=ab,dc=com?one # nss_base_group ou=Group,dc=ab,dc=com?one ssl no pam_password md5 # What I was trying to say is that the three nss_base lines: o with or without them, I can do 'getent password' etc with all the posixAcounts o with them uncommented, I cannot loginto a domain account from an XP machine, though the XP machine itself joined the domain on a fly. [* actually I cannot login to a domain account from the XP no matter what after I reconfigure the PDC with People for computers *] So I wonder what exactly these three lines do. The PDC is on Fedora 2 system. I ran authconfig to enable ldap authentication. The pam.d is automatically configured. I am not sure it is using ldap_nss stuff at all. Ok, I believe on Fedora that ou=People is the default, so when you uncomment these then you are changing the authentication system and nss to look in Users instead of People. It is running on defaults entirely if these are missing. If you are authenticating directly (ssh or ftp or something) that should fail as well when you have those lines enabled. Right now, I can join the XP machine into the domain but after reboot I just cannot log into domain Administrator account. The error from the XP is The system could not log you on, Make sure your user name and domain are correct, then type your oassword again. Can you log in with a regular user? Perhaps one that you know is configured correctly? It sounds like your machine is added correctly or the error you would get would say something to the effect of 'Cannot find your machine account or the domain controller is unavailable.' I'm sure I mangled that error, but that's the best I can remember right now. From the log.xp file, I see errors. Any suggestion? -- Kang Sun # [2004/07/20 14:42:38, 0] rpc_server/srv_pipe.c:api_pipe_netsec_process(1397) failed to decode PDU [2004/07/20 14:42:38, 0] rpc_server/srv_pipe_hnd.c:process_request_pdu(605) process_request_pdu: failed to do schannel processing. ## A lot of people have posted about schannel stuff, but I think I may have glossed over the end of those threads. Anybody who actually read them care to chime in here? :-/ -- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax:701-281-1322 URL: www.ae-solutions.commailto: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Winbind problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Chris wrote: | Since we are dealing with ADS, I thought it would be | safe to refer to things in ads nomanclature. Aparently | not the case with the password server. The | error output was likewise misleading: | | [2004/07/15 11:55:43, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) | ads_connect for domain NEWDOMAIN failed: No such file or directory | | I was looking all around both machines' filesystems, | LDAP and ADS for a file or directory that was missing. Turns | out that had nothing to do with it. | | The problem was this line in my smb.conf: | password server = stan.newdomain.int | | It should have been | password server = STAN | | i.e. in netbios nomanclature -- not ADS(DNS) nomanclature. | | I am amazed that no one caught that, but there it is! | So much grief for such a stupid gaff. | | I thank those who took the time to read my post, and | hope that this will help someone in the future. Chris, This should have worked. Either netbios names, fwdn's, or ip addresses are supported values in the pasword server field in the Samba 3.0.x series. Does stan.newdomain.int resolve to an IP address and does that machine have netbios enabled ? - -- cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YMFIR7qMdg1EfYRAqkDAKDS21lXeoKlJY+KhbzGV+7ljBljugCfdzbH zKW+59akKw4t1GIuQxU/ins= =u4Ke -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] corrupt tdb problems
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greg Dickie wrote: | Hi, | | I'm seeing this in log.winbind | | [2004/07/16 13:26:57, 0] tdb/tdbutil.c:tdb_log(725) | tdb(/var/lib/samba/winbindd_idmap.tdb): rec_free_read bad magic Bad news. Hope you have a backup of. Not much you can do but remove the tdb and restart winbindd. This means that all winbindd SID-uid/gid mappings will be reset and any winbind local users/groups will be removed. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YPSIR7qMdg1EfYRAmDvAJ9GAU4rgHkehsuw/8oiqhN+w3hf4QCeKPE7 Er2xPssgY2B+InkUDNAwTpk= =ZfA1 -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Ascii mode in smbclient?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 William Beilstein wrote: | The translate command did what I needed. Why isn't it in any of the man | pages? It would have saved all of us effort. Thanks to Giulio! Your answer | was much appreciated. Your right. Apparently it is missing from the smb.conf(1) man page. I'll get that fixed. In the meantime you should be able to get minimal help on all smbclient commands via the help function. smb: \ help ... rename reput rm rmdir setmode symlinktartarmodetranslate vuid smb: \ help translate HELP translate: ~toggle text translation for printing cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YVfIR7qMdg1EfYRAnMWAJ479hRnNOyavXkcQ3HCRf2roZMG4QCeKKmG 9ojY/qezxWzYUZpZLKeHhEE= =i5CV -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] configure not detecting IRIX6
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Philip Chambers wrote: | A couple of days ago I sent a message about trying to | build 3.0.4 under IRIX6 and having make fail | because smbd/quota.h could not find devnm.h. | I got no suggestions as to how to work out what the | problem was. I have now identified why the problem arose | and that moves me to the next problem! | | configure is failing to detect that the OS is IRIX6. | include/config.h does not have a #define for any OS. | | Can someone suggest why configure is not setting up the | OS on IRIX6? | | Failing that, can someone point me to the part of | configure where it should be detecting IRIX6 as the OS? Please send me the config.log and config.h files from the build and I'll try to work on it. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YfuIR7qMdg1EfYRAnQJAKCu+cHTyxfOIvRsmZAE0fBgLa3AzwCfb8sr rlhQwBUJ6+8kuKhL0ZIYQ8Y= =cRWi -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: locks cooperating with a server side process
Adam Tauno WIlliams [EMAIL PROTECTED] writes: If your building a 'drop box' so to speak, where a process picks up files after they are copied in, perhaps you want to look into hooking for application into 'fam' http://oss.sgi.com/projects/fam/ Thanks for the pointer. My problem isn't picking up the file when it's copied in, but picking it up when it's complete. Looking at the imon ( and linux fcntl(2) ), there doesn't seem to be a way to say let me know I'm the only person using this file short of mandatory locking. The work around for the users in my case is to copy the file, and then rename but I'd really like it to be a one step operation. Cheers, Chris -- Chris Green [EMAIL PROTECTED] To err is human, to moo bovine. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Migarting an NT domain to a Fedora Samba 3 domain
I have an NT domain, and I DON'T want to go to AD, and I DO want to move off NT4 to Linux for my servers. I have set up a Fedora Core 2 server in my domain. The domain recognizes it and it the other servers (oddly enough I am having some, but not complete printer problems. Well thta is a separate question) My plan is: Run Fedora as a BDC. Take down my NT PDC (I have an NT BDC btw) Upgrade the Fedora to PDC Bring up another Fedora server as a BDC But the graphic tool in Fedora does not support these activities. I am not a UN*X person. Never found the time. I am a protocols developer. So I need some graphic tools and wish to stay away fromVI and .conf files. Pointers to instructions and tools are greatly appreciated! Oh, I also want to move my Fedora PDC to the same IP address and even hostname as my NT PDC. Will save a lot of external problems. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: locks cooperating with a server side process
Gerald (Jerry) Carter [EMAIL PROTECTED] writes: This kind og question is probably better suited for the samba-technical mailing list. I would repost there. Ah thanks a bunch, Chris -- Chris Green [EMAIL PROTECTED] Chicken's thinkin' -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Interaction between wins support = yes and os level = 65
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | I'm a little unclear about something. I want my Linux | box to be the Local Browse Master -- so that the machine | that's on all the time is the one that other computers | look to. | | Is it correct that I want in my Global Settings: | | wins support = yes | os level = 65 (or some higher number) | | And should my Windows XP workstations have the Linux box | as the Wins Server? Or should I leave the Wins Server out | of it? | Wins has nothing to do with local master browsing elections. The 2 parameters are othogonal. You need the os level to win the local browsing election. You need to wins support to consolidate your netbios namespace across multiple subnets. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YOKIR7qMdg1EfYRAo4PAJ0ckBmp51ysMfffgjbeMd+X9dtwgwCeLWBf 2/4zmaWoWEajh25WSIeh9gM= =H1xR -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] posix locking - what does it do?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rudolf Polzer wrote: | What exactly does the POSIX locking option do? | | I know what it does NOT do: flock() the files a Windows machine has | locked. When for example a file is locked on server side (Linux, I | tried all three Debian samba releases from stable, testing and | unstable), notepad on Windows still opens it. If it however is | locked by a Windows application on another computer, notepad | refuses. | | Does posix locking perhaps map SMB locks to something else than | flock()? yeah. It maps them onto posix byte range locks (e.g. fcntl() ) cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/Y5PIR7qMdg1EfYRAofGAKCrj7nvtP0VFRXjPL+9kPq5b2eivQCfXAcj Wk0oWc0Ru14OCmZr9ilQh9I= =Y1Al -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Chaning shares using Computer Management with W2k3.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mattias Andersson wrote: | I'm trying to change permissions and add shares and | remove shares etc.. on my Samba-hosts shares (running 3.0.4 | on Fedora, using the Computer Management-tool on Windows | Server 2003. I have set security = ads on the samba host | and I've joined the host to the Active Directory Server (the | same machine as the one I'm running the Computer | Management-tool on). However, I seem to get Access is | denied all the time. After some googling and some reading in | several howto's I think it must be that I dont have any | scripts for adding, removing and changing shares, set up. | Could this be the problem? | | I know how to set these in smb.conf, though I dont know | where to get them. Does anyone know where I can find | good example of such scripts? Correct. You have to write the 'addshare command' program. There's a sample in example/misc/modify_share_command.pl And you have to be connected as a root user. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/ZAmIR7qMdg1EfYRAo/yAKDFoQ6S+KkNRBZH46IBGsoWe30pUACbBMkZ cZ+uz6k8u4aXv9sZmeCJtVE= =QzOH -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Any Windows XP SP2 RC2 Experience?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason Balicki wrote: | Earlier today I installed Windows XP SP2 RC2 onto | two of my production machines. My test boxes were | fine, but the two production machines I installed | them on failed to print in Adobe Reader and IE. | | I've got a Samba 2.2.9 DC with a CUPS printing | backend. | | Anyway, I've backed off the SP on both production | machines, and I'm going to try to replicate the | issue with another test box, but I was wondering | if anyone has any experience with this service | pack and a Samba based network? Any hints or | gotchas you want to share? We've reported a bug in XP sp2 rc2 to MS wither regards to the print change notify code. It was triggering a crash in smbd (our fault) by doing a notify operation incorrectly (ms's fault). This was reproduced using Samba 3.0.x. I think the same code exists in the 2.2.x tree. cheers, jerry - -- Hewlett-Packard- http://www.hp.com SAMBA Team -- http://www.samba.org GnuPG Key http://www.plainjoe.org/gpg_public.asc ...a hundred billion castaways looking for a home. --- Sting -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/ZLZIR7qMdg1EfYRAiGwAJ4/LkC1q2v1Y49uXwV++i+qG2eqvACg3vVM qQgqzCVC+XdCAxYfaWvAzeQ= =iSef -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Chasing the ads_add_machine_acct: Insufficient access problem
Okay, the jist of this whole thing, I get this infamous (?) problem, I have been trying to search though the archives of samba-general on gmane and also in my archive of this list. I have only seen requests for the magical answer. Environment: W2K/W2K3 mixed ADS going Native ADS only soon. Samba 3.0.4 compiled from source on a RHEL AS30 machine. MIT Kerberos v1.3.4 also compiled from source. Kernel == 2.4.21-15.0.2.ELhugemem #1 SMP Wed Jun 16 22:36:51 EDT 2004 i686 athlon i386 GNU/Linux Here is the problem in a nutshell: [EMAIL PROTECTED] root]# net ads join Computers -S mydc1.mynetwork.com [2004/07/20 15:06:09, 0] libads/ldap.c:ads_join_realm(1336) ads_add_machine_acct: Insufficient access ads_join_realm: Insufficient access and the important pieces of smb.conf: [global] workgroup = MYNETWORK netbios name = ROAR server string = Lotsa Room security = ADS realm = MYNETWORK.COM auth methods = winbind password server = mydc1.mynetwork.com passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . lanman auth = No ntlm auth = No client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No syslog = 0 log file = /var/log/samba/log.%m max log size = 1 smb ports = 445 disable netbios = Yes max xmit = 65535 name resolve order = host wins lmhosts bcast #tried both spnego Yes and No same diff. use spnego = Yes # use spnego = No server signing = auto deadtime = 10080 socket options = IPTOS_LOWDELAY TCP_NODELAY logon path = logon home = os level = 49 preferred master = No local master = No domain master = No dns proxy = No ldap ssl = no idmap uid = 1-4 idmap gid = 1-4 winbind separator = + winbind nested groups = Yes winbind cache time = 20 template homedir = /home/%D/%U invalid users = root ea support = Yes hide special files = Yes hide unreadable = Yes And here is my klist: [EMAIL PROTECTED] root]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 07/20/04 16:21:53 07/21/04 02:22:01 krbtgt/[EMAIL PROTECTED] renew until 07/21/04 16:21:53 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Yes, [EMAIL PROTECTED] has rights to create users and machines in the AD Tree in Computers So, now, given that this is an existing problem in v3.0.4, I have to show the way I configured and compiled it. I also compiled MIT Kerberos v1.3.4 the proper way (similar to this). Personally I like integrations. Here is the configure for samba v3.0.4: ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr \ --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc \ --datadir=/usr/share --includedir=/usr/include \ --libdir=/usr/lib --libexecdir=/usr/libexec \ --localstatedir=/var --sharedstatedir=/usr/com \ --mandir=/usr/share/man --infodir=/usr/share/info --with-acl-support --with-automount \ --with-codepagedir=/usr/share/samba/codepages --with-fhs \ --with-libsmbclient --with-lockdir=/var/cache/samba --with-pam \ --with-pam_smbpass --with-piddir=/var/run \ --with-privatedir=/etc/samba --with-quotas --with-smbmount \ --with-swatdir=/usr/share/swat --with-syslog --with-utmp \ --with-vfs --without-smbwrapper --with-ads --with-winbind \ --with-krb5 Here is the configure for krb5-1.3.4: ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr \ --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc \ --datadir=/usr/share --includedir=/usr/include \ --libdir=/usr/lib --libexecdir=/usr/libexec \ --localstatedir=/var --sharedstatedir=/usr/com \ --mandir=/usr/share/man --infodir=/usr/share/info CC=gcc \ CFLAGS=-O2 -g -pipe -march=i386 -mcpu=i686 -I/usr/include/et \ -fPIC LDFLAGS= CPPFLAGS=-I/usr/include/et --enable-shared \ --enable-static --bindir=/usr/kerberos/bin \ --mandir=/usr/kerberos/man --sbindir=/usr/kerberos/sbin \ --datadir=/usr/kerberos/share --localstatedir=/var/kerberos \
[Samba] No support? who said that?
Who said there was no support on this list? Look at that, Jerry's posting by truckloads! -- David Morel [EMAIL PROTECTED] signature.asc Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e=2E?= -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Re: String overflow in safe_strcpy - bug in documentation
On Tue, Jul 20, 2004 at 09:51:25PM +0200, Thomas Bork wrote: Herb Lewis schrieb: you can change mangle prefix to specify the number of characters you want to stay the same. Just remember the more letters that remain the same the more likely you will get a collision and slow things down. http://de.samba.org/samba/docs/man/smb.conf.5.html mangling method (G) controls the algorithm used for the generating the mangled names. Can take two different values, hash and hash2. hash is the default and is the algorithm that has been used in Samba for many years. hash2 is a newer and considered a better algorithm (generates less collisions) in the names. However, many Win32 applications store the mangled names and so changing to the new algorithm must not be done lightly as these applications may break unless reinstalled. Default: mangling method = hash2 Example: mangling method = hash But: hash is not the default (this was in 2.2.x) Fixed in the SVN docs - thanks a *lot* ! Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] sessionid.tdb not initialised
Hi all, I am new to the list, I have setup samba using solaris package samba-3.0.2a I am running solaris 8. Everything seems to be working fine. But one thing, when I bash-2.03# ./smbstatus sessionid.tdb not initialised Service pid machine Connected at --- No locked files bash-2.03# I got a sessionid.tdb not initialised. Is that a problem? And how do I fix this problem. Thanks in advance. Kind Regards, Clive Luk -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Character Set
Hi, Is character set = ISO8859-15 still an valid option under samba-3.0.x? When I run testparm, it complains Unknown parameter encountered. Regards, Norman -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] FIXED: Chasing the ads_add_machine_acct: Insufficient access problem
Fix provided below. On Tue, 2004-07-20 at 18:06, Greg Folkert wrote: Okay, the jist of this whole thing, I get this infamous (?) problem, I have been trying to search though the archives of samba-general on gmane and also in my archive of this list. I have only seen requests for the magical answer. Environment: W2K/W2K3 mixed ADS going Native ADS only soon. Samba 3.0.4 compiled from source on a RHEL AS30 machine. MIT Kerberos v1.3.4 also compiled from source. Kernel == 2.4.21-15.0.2.ELhugemem #1 SMP Wed Jun 16 22:36:51 EDT 2004 i686 athlon i386 GNU/Linux Here is the problem in a nutshell: [EMAIL PROTECTED] root]# net ads join Computers -S mydc1.mynetwork.com [2004/07/20 15:06:09, 0] libads/ldap.c:ads_join_realm(1336) ads_add_machine_acct: Insufficient access ads_join_realm: Insufficient access and the important pieces of smb.conf: [global] workgroup = MYNETWORK netbios name = ROAR server string = Lotsa Room security = ADS realm = MYNETWORK.COM auth methods = winbind password server = mydc1.mynetwork.com passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . lanman auth = No ntlm auth = No client NTLMv2 auth = Yes client lanman auth = No client plaintext auth = No syslog = 0 log file = /var/log/samba/log.%m max log size = 1 smb ports = 445 disable netbios = Yes max xmit = 65535 name resolve order = host wins lmhosts bcast #tried both spnego Yes and No same diff. use spnego = Yes # use spnego = No server signing = auto deadtime = 10080 socket options = IPTOS_LOWDELAY TCP_NODELAY logon path = logon home = os level = 49 preferred master = No local master = No domain master = No dns proxy = No ldap ssl = no idmap uid = 1-4 idmap gid = 1-4 winbind separator = + winbind nested groups = Yes winbind cache time = 20 template homedir = /home/%D/%U invalid users = root ea support = Yes hide special files = Yes hide unreadable = Yes And here is my klist: [EMAIL PROTECTED] root]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting ExpiresService principal 07/20/04 16:21:53 07/21/04 02:22:01 krbtgt/[EMAIL PROTECTED] renew until 07/21/04 16:21:53 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Yes, [EMAIL PROTECTED] has rights to create users and machines in the AD Tree in Computers So, now, given that this is an existing problem in v3.0.4, I have to show the way I configured and compiled it. I also compiled MIT Kerberos v1.3.4 the proper way (similar to this). Personally I like integrations. Here is the configure for samba v3.0.4: ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr \ --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc \ --datadir=/usr/share --includedir=/usr/include \ --libdir=/usr/lib --libexecdir=/usr/libexec \ --localstatedir=/var --sharedstatedir=/usr/com \ --mandir=/usr/share/man --infodir=/usr/share/info --with-acl-support --with-automount \ --with-codepagedir=/usr/share/samba/codepages --with-fhs \ --with-libsmbclient --with-lockdir=/var/cache/samba --with-pam \ --with-pam_smbpass --with-piddir=/var/run \ --with-privatedir=/etc/samba --with-quotas --with-smbmount \ --with-swatdir=/usr/share/swat --with-syslog --with-utmp \ --with-vfs --without-smbwrapper --with-ads --with-winbind \ --with-krb5 Here is the configure for krb5-1.3.4: ./configure --program-prefix= --prefix=/usr --exec-prefix=/usr \ --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc \ --datadir=/usr/share --includedir=/usr/include \ --libdir=/usr/lib --libexecdir=/usr/libexec \ --localstatedir=/var --sharedstatedir=/usr/com \ --mandir=/usr/share/man --infodir=/usr/share/info CC=gcc \ CFLAGS=-O2 -g -pipe -march=i386 -mcpu=i686 -I/usr/include/et \ -fPIC LDFLAGS= CPPFLAGS=-I/usr/include/et --enable-shared \
[Samba] Re: Problem with Authnication from NT
I have the same problem. The log file said: # [2004/07/20 21:46:47, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1512) # ldapsam_update_sam_account: failed to modify user with uid = king$, error: modify/delete: sambaPrimaryGroupSID: no such value (Success) # [2004/07/20 21:46:49, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(271) # ldapsam_delete_entry: Entry must exist exactly once! I tried 'smbldap-useradd -w King$'. It does not seem to add Add the SambaSID. # smbldap-useradd -w king$ # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount cn: king$ sn: king$ uid: king$ uidNumber: 1023 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer Forcing creating a Samba account with option -a give me an error: # smbldap-useradd -a -w king$ Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 152, DATA line 283. Using pdbedit also has problems: # pdbedit -a -m -u king ldapsam_add_sam_account: failed to modify/add user with uid = king$ (dn = uid=king$,ou=Computers,dc=sunix,dc=com) Unable to add machine! (does it already exist?) I started to think the add machine script must be wrong or something. Please help somebody. -- Kang Hi Samba Guru's... I have a problem connecting from a windows NT workstation to Samba server. It is working fine for Windows XP and Windows 2000. Samba not logging any information about that Windows NT m/c. Here i am giving the smb.conf file. Please try to help me to work it for Win NT also. Here is my Configuration file. Thanks in advance for any help. # Global Parameters [global] netbios name = avengr03 workgroup = avengr03 map to guest = Bad User passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password %n\n *passwd:*all*authentication*tokens*updated*sucessfully* # Debug Logging Information Log Level = 2 max log size = 1000 # log file = /var/log/samba/samba.log.%m socket options = TCP_NODELAY IPTOS_LOWDELAY wins support = yes # Networking configuration Options Hosts Allow = *.*.*.* [Proj1] comment = Proj1 directory path = /engr/proj1 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins [Proj2] comment = Proj2 directory path = /engr/proj2 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Samba/LDAP/PDC Questions
Hello Paul, Thank you for the help. Now I am back to my original question: I cannot add NT4 machine to the samba domain! I tried to use the Identification changes from NT4 system to sign into the domain, it said The machine account for this computer does not exist or is anaccessible. The log file said: [2004/07/20 21:46:47, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1512) ldapsam_update_sam_account: failed to modify user with uid = king$, error: modify/delete: sambaPrimaryGroupSID: no such value (Success) [2004/07/20 21:46:49, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(271) ldapsam_delete_entry: Entry must exist exactly once! I tried 'smbldap-useradd -w King$'. It does not seem to add the SambaSID. # smbldap-useradd -w king$ # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount cn: king$ sn: king$ uid: king$ uidNumber: 1023 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer Forcing creating a Samba account with option -a give me an error: # smbldap-useradd -a -w king$ Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 152, DATA line 283. Using pdbedit also has problems: # pdbedit -a -m -u king ldapsam_add_sam_account: failed to modify/add user with uid = king$ (dn = uid=king$,ou=Computers,dc=sunix,dc=com) Unable to add machine! (does it already exist?) I started to think the add machine script must be wrong or something. -- Kang -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Problem with Authnication from NT
OK, I just figured out how to do it. My NT4 workstation is called king. Use 'smbldap-useradd -w king' to add the posixAccount: king$. Then use 'smbpasswd -a -m king' to add the samba account. You will have # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount,sambaSamAccount cn: king$ sn: king$ uid: king$ uidNumber: 1025 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer sambaSID: S-1-5-21-1242048156-3479289135-3828126537-3050 sambaPrimaryGroupSID: S-1-5-21-1242048156-3479289135-3828126537-2031 displayName: king$ sambaPwdCanChange: 1090385089 sambaPwdMustChange: 2147483647 sambaLMPassword: FE250117FB90641FAAD3B435B51404EE sambaNTPassword: 0FBD58B776542B3CB589E0D8F686A3A7 sambaPwdLastSet: 1090385089 sambaAcctFlags: [W ] Then loginto NT4 and change its identification from workgroup to domain, without creating new account. Hope this works for you guys, too! --- Kang Kang Sun [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I have the same problem. The log file said: # [2004/07/20 21:46:47, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1512) # ldapsam_update_sam_account: failed to modify user with uid = king$, error: modify/delete: sambaPrimaryGroupSID: no such value (Success) # [2004/07/20 21:46:49, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(271) # ldapsam_delete_entry: Entry must exist exactly once! I tried 'smbldap-useradd -w King$'. It does not seem to add Add the SambaSID. # smbldap-useradd -w king$ # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount cn: king$ sn: king$ uid: king$ uidNumber: 1023 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer Forcing creating a Samba account with option -a give me an error: # smbldap-useradd -a -w king$ Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 152, DATA line 283. Using pdbedit also has problems: # pdbedit -a -m -u king ldapsam_add_sam_account: failed to modify/add user with uid = king$ (dn = uid=king$,ou=Computers,dc=sunix,dc=com) Unable to add machine! (does it already exist?) I started to think the add machine script must be wrong or something. Please help somebody. -- Kang Hi Samba Guru's... I have a problem connecting from a windows NT workstation to Samba server. It is working fine for Windows XP and Windows 2000. Samba not logging any information about that Windows NT m/c. Here i am giving the smb.conf file. Please try to help me to work it for Win NT also. Here is my Configuration file. Thanks in advance for any help. # Global Parameters [global] netbios name = avengr03 workgroup = avengr03 map to guest = Bad User passwd program = /usr/bin/passwd %u passwd chat = *New*password* %n\n *Retype*new*password %n\n *passwd:*all*authentication*tokens*updated*sucessfully* # Debug Logging Information Log Level = 2 max log size = 1000 # log file = /var/log/samba/samba.log.%m socket options = TCP_NODELAY IPTOS_LOWDELAY wins support = yes # Networking configuration Options Hosts Allow = *.*.*.* [Proj1] comment = Proj1 directory path = /engr/proj1 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins [Proj2] comment = Proj2 directory path = /engr/proj2 read only = No valid users = @tec,pvasireddy,pbuenros,dan,dsteffen,scollins -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Re: Samba/LDAP/PDC Questions
OK, I just figured out how to do it. My NT4 workstation is called king. Use 'smbldap-useradd -w king' to add the posixAccount: king$. Then use 'smbpasswd -a -m king' to add the samba account. You will have # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount,sambaSamAccount cn: king$ sn: king$ uid: king$ uidNumber: 1025 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer sambaSID: S-1-5-21-1242048156-3479289135-3828126537-3050 sambaPrimaryGroupSID: S-1-5-21-1242048156-3479289135-3828126537-2031 displayName: king$ sambaPwdCanChange: 1090385089 sambaPwdMustChange: 2147483647 sambaLMPassword: FE250117FB90641FAAD3B435B51404EE sambaNTPassword: 0FBD58B776542B3CB589E0D8F686A3A7 sambaPwdLastSet: 1090385089 sambaAcctFlags: [W ] Then loginto NT4 and change its identification from workgroup to domain, without creating new account. Thanks anyway! == Kang Sun [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Hello Paul, Thank you for the help. Now I am back to my original question: I cannot add NT4 machine to the samba domain! I tried to use the Identification changes from NT4 system to sign into the domain, it said The machine account for this computer does not exist or is anaccessible. The log file said: [2004/07/20 21:46:47, 0] passdb/pdb_ldap.c:ldapsam_update_sam_account(1512) ldapsam_update_sam_account: failed to modify user with uid = king$, error: modify/delete: sambaPrimaryGroupSID: no such value (Success) [2004/07/20 21:46:49, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(271) ldapsam_delete_entry: Entry must exist exactly once! I tried 'smbldap-useradd -w King$'. It does not seem to add the SambaSID. # smbldap-useradd -w king$ # smbldap-usershow king$ dn: uid=king$,ou=Computers,dc=sunix,dc=com objectClass: top,inetOrgPerson,posixAccount cn: king$ sn: king$ uid: king$ uidNumber: 1023 gidNumber: 515 homeDirectory: /dev/null loginShell: /bin/false description: Computer Forcing creating a Samba account with option -a give me an error: # smbldap-useradd -a -w king$ Can't call method get_value on an undefined value at /usr/sbin/smbldap-useradd line 152, DATA line 283. Using pdbedit also has problems: # pdbedit -a -m -u king ldapsam_add_sam_account: failed to modify/add user with uid = king$ (dn = uid=king$,ou=Computers,dc=sunix,dc=com) Unable to add machine! (does it already exist?) I started to think the add machine script must be wrong or something. -- Kang -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
[Samba] Re: Samba 3.0.4 Performance Problem (tcp win 1)
On Mon, 19 Jul 2004 14:09:34 -0500, Chris Richards [EMAIL PROTECTED] wrote: Howdy. I have observed a horrific performance problem in my setup. I'm running samba on a Linux Fedora Core 1 machine with Windows clients. The samba server is communicating with a Windows 98 machine. Cycling both the samba server and the interface does not correct the problem. However, doing this I can double my transfer rates as the window size is now 2 instead of 1. No clue, huh? /ds -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
VFC File truncated when copied from VMS to Linux via smbfs
I have a pair of log files of similar size and format that always are truncated somewhere at around the 16000'th out of 19000+ lines when I copy them from a Samba 2.2.8 VMS system to a Linux system running Samba 3.0.4 and smbfs (Linux 2.6.7). A dir/full of one of the files is as follows: SYNEDT_P.BG;1 File ID: (259952,18,0) Size: 1950/2001 Owner:[DV,BG] Created:20-JUL-2004 13:33:36.00 Revised:20-JUL-2004 13:33:36.00 (7) Expires:20-JUL-2014 13:50:42.06 Backup: No backup recorded Effective: None specified Recording: None specified Accessed: None specified Attributes: None specified Modified: None specified Linkcount: 1 File organization: Sequential Shelved state: Online Caching attribute: Writethrough File attributes:Allocation: 2001, Extend: 0, Global buffer count: 0 Version limit: 1 Record format: VFC, 2 byte header, maximum 0 bytes, longest 3828 bytes Record attributes: Print file carriage control RMS attributes: None Journaling enabled: None File protection:System:RWED, Owner:RWED, Group:RWED, World: Access Cntrl List: None Client attributes: None If I convert the file using this stream.fdl and then copy the file, it is no longer truncated by the copy: FILE ORGANIZATIONsequential RECORD BLOCK_SPAN yes CARRIAGE_CONTROLcarriage_return FORMAT stream_lf I cannot reproduce the truncation when I copy the file from the VMS system to a Win2K system. Nor can I reproduce the truncation when I use GNOME nautilus to copy the file. Any idea what might be going wrong, here? Ben -- Ben Armstrong-. Medianet Development Group, [EMAIL PROTECTED] `-.Dymaxion Research Limited URL: http://www.dymaxion.ca/`- Halifax, Nova Scotia, Canada PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING: http://www.catb.org/~esr/faqs/smart-questions.html
svn commit: samba r1552 - in branches/SAMBA_4_0/source/librpc: . idl
Author: metze Date: 2004-07-20 20:30:29 + (Tue, 20 Jul 2004) New Revision: 1552 Added: branches/SAMBA_4_0/source/librpc/idl/krb5pac.idl Modified: branches/SAMBA_4_0/source/librpc/config.m4 Log: commit the first version of the pidl generated krb5 PAC parser NOTE: there a lot of work todo, maybe we need to extent pidl metze WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_4_0/source/librpcrev=1552nolog=1
svn commit: samba-docs r173 - trunk/smbdotconf/filename
Author: jra Date: 2004-07-20 22:17:19 + (Tue, 20 Jul 2004) New Revision: 173 Modified: trunk/smbdotconf/filename/manglingmethod.xml Log: Update to note hash2 is the default - noticed by Thomas Bork [EMAIL PROTECTED]. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-docspath=/rev=173nolog=1
svn commit: samba r1553 - in branches/SAMBA_3_0/source: rpc_client rpcclient
Author: jra Date: 2004-07-21 01:32:09 + (Wed, 21 Jul 2004) New Revision: 1553 Modified: branches/SAMBA_3_0/source/rpc_client/cli_srvsvc.c branches/SAMBA_3_0/source/rpcclient/cmd_srvsvc.c Log: Good patch from Guenther Deschner [EMAIL PROTECTED] to display share ACL entries from rpcclient. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/branches/SAMBA_3_0/sourcerev=1553nolog=1
svn commit: samba r1554 - in trunk/source: rpc_client rpcclient
Author: jra Date: 2004-07-21 01:32:47 + (Wed, 21 Jul 2004) New Revision: 1554 Modified: trunk/source/rpc_client/cli_srvsvc.c trunk/source/rpcclient/cmd_srvsvc.c Log: Good patch from Guenther Deschner [EMAIL PROTECTED] to display share ACL entries from rpcclient. Jeremy. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/trunk/sourcerev=1554nolog=1
svn commit: samba r1555 - tags
Author: jerry Date: 2004-07-21 02:31:41 + (Wed, 21 Jul 2004) New Revision: 1555 Added: tags/release-2-2-9/ Log: never tagged the 2.2.9 release. Doing some housekeeping WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1555nolog=1
svn commit: samba-web r158 - trunk
Author: deryck Date: 2004-07-21 03:01:51 + (Wed, 21 Jul 2004) New Revision: 158 Added: trunk/security.html Removed: trunk/security.html Log: Updating security page format per discussion with jerry. Should be close to being ready with some minor tweaks. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=158nolog=1
svn commit: samba r1557 - branches/SAMBA_3_0/source/nsswitch
Author: sharpe Date: 2004-07-21 04:24:30 + (Wed, 21 Jul 2004) New Revision: 1557 Modified: branches/SAMBA_3_0/source/nsswitch/winbindd.c Log: Add sigchld handling to winbindd. Next step is to have the child restarted if need be. We should also make sure the main line know we no longer have a child. WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=sambapath=/rev=1557nolog=1
svn commit: samba-web r159 - in branches/tmp.samba.org: . style
Author: deryck Date: 2004-07-21 04:45:06 + (Wed, 21 Jul 2004) New Revision: 159 Added: branches/tmp.samba.org/local_footer.html Modified: branches/tmp.samba.org/footer.html branches/tmp.samba.org/header2.html branches/tmp.samba.org/style/samba.css Log: This is a pass at cross-browser compatibility. IE5/6 will look just like mozilla/gecko-based browsers now, at least on the front page tmp.samba.org/samba/samba.html. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/branches/tmp.samba.orgrev=159nolog=1
svn commit: samba-web r160 - branches/tmp.samba.org/images
Author: deryck Date: 2004-07-21 05:43:55 + (Wed, 21 Jul 2004) New Revision: 160 Added: branches/tmp.samba.org/images/bug_logo.png Log: Making an attempt at a logo for bugzilla. Mostly for Vance to play with. --deryck WebSVN: http://websvn.samba.org/websvn/changeset.php?rep=samba-webpath=/rev=160nolog=1
